Pre-loader

Red Team Wi-Fi: Modern Techniques

Why choose this course?

Save time, and hack fast!

Many publications exist documenting ways to attack Wi-Fi networks. However, the gap between old methods that have become obsolete and the current state and outdated tools can be frustrating for someone who wants to learn or even update his knowledge in this field.

This course aims to learn the modern ways of assessing the security of Wi-Fi networks and how to apply these attacks against organizations during a Red Team engagement. Indeed, during this course, we will be able to start from the very beginning by talking about old, current, and new attacks and opportunities to allow attendees to fulfill their pentest or Red Team engagements in the future based on our recent experiences.

Contact us to request a quote! Look at the pricing

About the training

Throughout this course, you will discover:

  • Introduction on actual Wi-Fi setups, standards, and common attacks
  • Monitoring and capturing signals over-the-air
  • Analyzing the signal
  • Using the right tools at the right moment
  • Attacking communications (injection, cracking, etc.)
  • Attacks in WEP, WPA/WPA2
  • Study the case of WPA3
  • The case of open networks and rogue APs
  • Stack protocol vulnerabilities
  • Red Team tricks
  • etc.

Part 1: Fingerprinting and observations

This part will introduce all the essential concepts of Wi-Fi. Indeed, starting with usages, topologies, and standards, attendees should have a well-condensed reminder to be able for the attacks later. Then we go through different techniques to identify the other network to focus on our target(s) and investigate for potential openings.

Assignment 1: Network enumeration

  • Scanning networks
  • Identifying our targets

Assignment 2: Capturing traffic

  • Use of promiscuous mode
  • Switching to monitor mode
  • Using dedicated tools for efficient Wardriving

Assignment 3: Playing with packets

  • Analyzing packets
  • Modifying and forging own packets with Scapy


Part 2: Attacks

After learning about monitoring, captures, and packet manipulations, we will see different cases and understand the opportunities an attacker can take when attacking a network. This part will go through old vulnerabilities that can still exist in some context to the newest attack opportunities, including existing tools.

Assignment 1: WEP

  • Identifying the target
  • Attacking it efficiently
  • Capturing the secret

Assignment 2: WPA/WPA2 PSK

  • Identifying the target
  • Sniffing handshakes
  • Attacking the target
  • Capturing the secret

Assignment 3: WPA2 MGT

  • Identifying the target
  • Targeting a client
  • Attacking the network
  • Capturing the secret
  • Going further inside the Active Directory

Further attacks

We finish by looking at different ways and other opportunities we can acquire during a penetration test or a Red Team test, including some good Red Team tricks when all these skills are implemented.



The content of private trainings can be arranged depending on your needs. We also provide additional content as follows:

  • Fuzzing the Wi-Fi stacks
  • Reversing FullMAC firmware
  • etc.
  • Knowledge of Linux administration
  • Understanding of pentesting (network and applications) or Red teaming
Events hosting our courses

Pricing (prices exclude 20% VAT in France)

Remote Single person
2 500€ for one person

2-day remote live training, including slides, a complete RF kit (a Wi-Fi dongle and preinstalled Raspberry Pi 4 target), scripts/tools, and captures. The content can be customized depending on the means and required days for the training.

Contact us!
POPULAR
Remote Private group
2 000€ /attendee
+ possible discount

2-day remote live training, including slides, a complete RF kit (a Wi-Fi dongle and preinstalled Raspberry Pi 4 target), scripts/tools, and captures. The content can be customized depending on the means and required days for the training.

An extra discount can be negotiated depending on the number of attendees.

Contact us!
Tailored content

Content can be fully tailored depending on your needs.

Contact us for more information!