Wireless Penetration Testing involves identifying and examining the connections between all devices connected to the business’s wifi. These devices include laptops, tablets, smartphones, and any other internet of things (IoT) devices.
Why it is necessary?
Wireless penetration tests are typically performed onsite as the pen tester needs to be in range of the wireless signal to access it. Alternatively, a NUC and Wifi Pineapple can be deployed onsite to remotely perform the test.
Wireless communications are an invisibly running service that allows data to flow in and out of the network. Therefore, this wireless network must be secured from any weaknesses like unauthorized access or data leakage.
Before performing a wireless penetration test you should consider the following:
- Have all access points been identified and how many use poor encryption methods?
- Is the data flowing in and out of the network encrypted and if so, how?
- Are there monitoring systems in place to identify unauthorized users?
- Is there any possibility the IT team could have misconfigured or duplicated a wireless network?
- What are the current measures in place to protect the wireless network?
- Are all wireless access points using WPA protocol?