What do you think?
Rate this book
Kali Linux Wireless Penetration Testing: Beginner's Guide: Learn to penetrate Wi-Fi and wireless networks to secure your system from vulnerabilities
NA
214 pages, Paperback
First published March 30, 2015
26 people are currently reading
119 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 6 of 6 reviews
November 3, 2015
Great beginner's guide for Kali Linux with some solid "block and tackle" elements (always good to use a sports analogy with tech stuff). Suffers very slightly from age (it came out waaay back in March).
Interspersed within the chapters and at the end of each are summaries, quizzes and tests - good effective learning tools.
Gives a clear description of a lab setup along with a specific hardware set (a TP-link TL-WR841N router and an Alfa USB wireless adapter along with an attacker and a victim (describes how to do this with VMs as well)). Gives this and the installation of Kali in various forms from download to login. Very helpful.
It has a very (very) brief overview the WLAN frames and the overall 802.11 protocol. Barely enough I think, but it does make it clear where the basic insecurities lie. Gives some usage of ifconfig, iwconfig along with airmon-ng (etc.).
Oh, a quick caution - this book was not written with the latest Kali (2.0 which is quite new as I write this) so be aware that some of the commands need to be tweaked. The main one being how it handles monitor mode designations - for example where the book says:
airmon-ng start wlan1
you won't get a monitor mode interface called mon0, you will get one named wlan1mon.
There's a bit on wireshark, though I think much is left for the leaner to figure out (thank you, youtube) - you can get through the exercises easy enough though. Wireshark is used throughout, so you'll be navigating with relative ease soon (still, it has power that extends well beyond what is used in this book).
So, what else - packet sniffing and injection, understanding regional issues around access point channels and power output - this is key to understanding other attacks that are not completely covered in this book, btw. A section showing how easy it is to defeat hidden SSIDs and MAC filtering.
I don't think, btw, that there's enough coverage of MAC spoofing, which is generally a good idea... generally.
And there are a few sections on cracking WEP (yawn), WPA and WPA2. Worth noting that attacks on the latter two have progressed since this book was published - there is a section at the end of the book covering them, barely. This is the wash/reaver attack routine and also is impacted by Kali 2.0 with regard to naming conventions.
This isn't in the book, but this may help someone to bridge the old to new version of Kali when performing a reaver attack:
airmon-ng start wlan1
ifconfig wlan1mon down
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
(worked for me)
then wash/reaver
wash -i wlan1mon -C (etc YMMV)
reaver -i wlan1mon -b ......
(and again, you may want to mess with your MAC addy via "ifconfig ... ether...")
What else... cowpatty tool is covered as an exercise to the reader (quite a bit of that, which is fine), aircrack, airdecap (pretty much can be done with wireshark but it's good to know there are options - and there are many), evil twin attacks, DoS, and there's some use of wifi bridge utilities in a few sections (ie MITM attacks).
And there is a nice section on Client attacks (cafe-latte and the Hirte attack as examples), so not everything here is about router compromises. The section on MITM attacks covers eavesdropping and session hijacking; good detail.
Anyway, now I want to be done. Good intro though it scratches the surface of what Kali has - not that it would matter since it would be partially incomplete now anyway. It is still a fine guide with plenty of screen caps and step-by-steps. What it does miss or cover in the "post published update section" is covered in great detail all over the web. Keep an eye out for wlan1mon versus mon0 and you should be fine.
Lastly - don't be mean. Enjoy the read.
Interspersed within the chapters and at the end of each are summaries, quizzes and tests - good effective learning tools.
Gives a clear description of a lab setup along with a specific hardware set (a TP-link TL-WR841N router and an Alfa USB wireless adapter along with an attacker and a victim (describes how to do this with VMs as well)). Gives this and the installation of Kali in various forms from download to login. Very helpful.
It has a very (very) brief overview the WLAN frames and the overall 802.11 protocol. Barely enough I think, but it does make it clear where the basic insecurities lie. Gives some usage of ifconfig, iwconfig along with airmon-ng (etc.).
Oh, a quick caution - this book was not written with the latest Kali (2.0 which is quite new as I write this) so be aware that some of the commands need to be tweaked. The main one being how it handles monitor mode designations - for example where the book says:
airmon-ng start wlan1
you won't get a monitor mode interface called mon0, you will get one named wlan1mon.
There's a bit on wireshark, though I think much is left for the leaner to figure out (thank you, youtube) - you can get through the exercises easy enough though. Wireshark is used throughout, so you'll be navigating with relative ease soon (still, it has power that extends well beyond what is used in this book).
So, what else - packet sniffing and injection, understanding regional issues around access point channels and power output - this is key to understanding other attacks that are not completely covered in this book, btw. A section showing how easy it is to defeat hidden SSIDs and MAC filtering.
I don't think, btw, that there's enough coverage of MAC spoofing, which is generally a good idea... generally.
And there are a few sections on cracking WEP (yawn), WPA and WPA2. Worth noting that attacks on the latter two have progressed since this book was published - there is a section at the end of the book covering them, barely. This is the wash/reaver attack routine and also is impacted by Kali 2.0 with regard to naming conventions.
This isn't in the book, but this may help someone to bridge the old to new version of Kali when performing a reaver attack:
airmon-ng start wlan1
ifconfig wlan1mon down
iwconfig wlan1mon mode monitor
ifconfig wlan1mon up
(worked for me)
then wash/reaver
wash -i wlan1mon -C (etc YMMV)
reaver -i wlan1mon -b ......
(and again, you may want to mess with your MAC addy via "ifconfig ... ether...")
What else... cowpatty tool is covered as an exercise to the reader (quite a bit of that, which is fine), aircrack, airdecap (pretty much can be done with wireshark but it's good to know there are options - and there are many), evil twin attacks, DoS, and there's some use of wifi bridge utilities in a few sections (ie MITM attacks).
And there is a nice section on Client attacks (cafe-latte and the Hirte attack as examples), so not everything here is about router compromises. The section on MITM attacks covers eavesdropping and session hijacking; good detail.
Anyway, now I want to be done. Good intro though it scratches the surface of what Kali has - not that it would matter since it would be partially incomplete now anyway. It is still a fine guide with plenty of screen caps and step-by-steps. What it does miss or cover in the "post published update section" is covered in great detail all over the web. Keep an eye out for wlan1mon versus mon0 and you should be fine.
Lastly - don't be mean. Enjoy the read.
July 11, 2015
Good content
While there were occasional typos, the content us really great for providing a foundation for wireless pentesting. 3 more words required.
While there were occasional typos, the content us really great for providing a foundation for wireless pentesting. 3 more words required.
October 20, 2017
This is the best book so far for wireless pentration that i've read. This books gives step by step method and gudies us on the go. Hope to see these types of book more 😁😁
July 28, 2021
Transport layer goes brrrrr.
It covers KRACK!
It covers KRACK!
October 30, 2016
Kilka ciekawych rzeczy wyjaśnia, ale tak to zawartość standardowa.
Nie jest źle podana, ale bez szału też.
Nie jest źle podana, ale bez szału też.
Displaying 1 - 6 of 6 reviews