In this chapter, we’ll settle on our practice lab, Install Kali Linux on Virtual machine and HDD both. This chapter will get you started thinking about what is Kali Linux, how to configure your wireless lab, and how to accomplish most out of it in terms of WiFi pentesting with plenty of images to help you at every step.

From the uses you may know of some tools that we use during wireless pentests, we’ll cover what penetration testers (like at DefCon) are doing with tools today. Included here are many best practices and suggestions for how to not get stuck when a tool stops working, while exploring the variety of ways to hack the wireless security like WPA/2 and WPS manually.

In this chapter, we demystify the process of post exploitation of machines over the LAN and sniffing the traffic and analysing it with packet analyser. Whether you identify as a penetration tester or a beginner, completely inept in both facets, we’ve got you covered with tons of step-by-step advice and resources that will help you become a ninja WiFi hacker. Not to mention you also get free 3-months subscription forums.

Once you’ve created the copy of your target access point, party has just begun. In this chapter, we’ll discuss some common Access Point spoofing strategies and speak in layman's terms about what it really means to test your fake access points. Leave the coding and stuff at home, and we’ll talk common sense strategies for better and best working rogue access points.

You can design and create the best net in the ocean, but if you’re not near the fish, you’ll never catch a thing. The same goes for your access points. If your landing page doesn’t have a stealthy and trustworthy mechanism to pwn this victim, it doesn’t have power to give you the most out of your setup and attack strategy. And no victim, means no information breach. We’ll discuss no-nonsense methods you can use to create the automatic popup splash screen that you see instantly when connected to public WiFi like Starbucks, and how to hack Android/iOS device with it on automation.

Once you’ve got all the setup working, and victims coming into your honeypot, it’s time to wonder what’s next. We’ll take you beyond the world of traditional fake access point that's ever been taught in this chapter, and discuss some super powerful and out-of-the-box automation tactics, to give you an idea of what you can do with your fake access point. TL;DR few folks did perform this attack at DefCon this Year to sniff cleartext WiFi passwords.

It is not difficult to assume that during wireless pentesting people do end up having only one Wi-Fi NIC and struggle to crack into the target wireless network sometimes, thanks to WPA2. In this chapter, we learn how to create virtual interfaces on a single adapter and run multiple access point while connected to personal hotspot with same card, simultaneously. Connectify for Linux? Yes, we are crafting our own here. Free of cost

If you are familiar with Fake access points, you might be having troubles with targeted rogue AP attack. A rogue AP with single adapter usually lacks no connection to WAN. Even if you create virtual interface, there is a chance you don’t have an active Internet source. Hence, no Internet for client which can cause serious suspicion and cause client to disconnect from your fake access point. Here we learn to spoof the client (Windows, Android, iOS, Macintosh) to trick them and prevent automatic disconnection