Monday, February 16, 2009

Network Tools

Below we describe a collection of free tools that can serve both as attack tools and as audit tools.

  • AirJack ( ) is a collection of wireless card drivers and related programs. It includes a program called monkey_jack that automates the MITM attack. Wlan_jack is a DoS tool that accepts a target source and BSSID and sends a continuous stream of deauthenticate frames to a single client or to an entire network (broadcast address). Essid_jack sends a disassociate frame to a target client in order to force it to reassociate with the network, thereby revealing the network SSID.

  • AirSnort ( ) can break WEP by passively monitoring transmissions and computing the encryption key when enough packets have been gathered.
  • Ethereal ( ) is a LAN analyzer, including wireless. One can interactively browse the capture data, viewing summary and detail information for all observed wireless traffic.
  • FakeAP ( can generate thousands of counterfeit 802.11b access points.
  • HostAP ( converts a station that is based on Intersil's Prism2/2.5/3 chipset to function as an access point.
  • Kismet ( is a wireless sniffer and monitor. It passively monitors wireless traffic and dissects frames to identify SSIDs, MAC addresses, channels and connection speeds.
  • Netstumbler ( is a wireless access point identifier running on Windows. It listens for SSIDs and sends beacons as probes searching for access points.
  • Prismstumbler ( can find wireless networks. It constantly switches channels and monitors frames received.
  • The Hacker's Choice organization ( ) offers the LEAP Cracker Tool suite, which contains tools to break Cisco LEAP. It also has tools for spoofing authentication challenge packets from an AP. Its WarDrive tool maps a city's wireless networks using a GPS device.
  • StumbVerter ( ) is a tool that reads NetStumbler's collected data files and presents street maps showing the logged WAPs as icons, whose color and shape indicate WEP mode and signal strength.
  • Wellenreiter ( ) is a WLAN discovery tool. It uses brute force to identify low-traffic access points while hiding the real MAC address of the card it uses. It is integrated with GPS.
  • WEPcrack ( cracks 802.11 WEP encryption keys using weaknesses of RC4 key scheduling.

