| Your 802.11 Wireless Network has No Clothes | W.A. Arbaugh, N. Shankar, Y.C.J. Wan | March, 2001 |
| Weaknesses in the Key Scheduling Algorithm of RC4 | S. Fluhrer1, I. Mantin2, & A. Shamir | Aug, 2001 |
| (In)Security of the WEP algorithm (paper) | N. Borisov, I. Goldberg & D. Wagner | 2001 |
| Practical Exploitation of RC4 Weaknesses in WEP Environments | David Hulton (Dachb0den) | February 22, 2002 |
| Seven Security Problems of 802.11 wireless | Matthew Gast | May 24, 2002 |
| Cracking WEP | Seth Fogie | July 12, 2002 |
| 4 Simultaneous Channels Okay For 802.11b (whitepaper) | J. Louderback (M. Burton) | November, 2002 |
| Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection | Joshua Wright | November 8, 2002 |
| Wireless Network Security: 802.11, Bluetooth and Handheld Devices | NIST | November, 2002 |
| Detecting Wireless LAN MAC Address Spoofing | Joshua Wright | January 21, 2003 |
| WPA - Wireless Security for the rest of us | Tim Higgins | November 1, 2002 |
| 802.11 Security Series - Part II: The Temporal Key Integrity Protocol (TKIP) | Jesse Walker | 2002 |
| 802.11 Security Series - Part III: AES-based Encapsulations of 802.11 Data | Jesse Walker | 2002 |
| Diving into the 802.11i Spec: A Tutorial | Dennis Eaton, Intersil | Nov 26, 2002 |
| Top 3 Attack Tools Threatening Wireless LAN's | SANS Webcast | March, 2003 |
| 802.11 Specifications (Part 11: Wireless LAN MAC and PHY) (Not available) | IEEE 802.11 | June 2003 |
| Wireless - The Ever Changing Landscape of Network Security | SANS Webcast | July, 2003 |
Normativa Wireless en España (2003)  | J. I. Gonzalez Braña | July, 2003 |
| Wi-Fi Protected Access (WPA) NeedToKnow - Part II | Tim Higgins | August 17, 2003 |
| Pen Testing and Securing Wireless Communications | SANS Webcast | October, 2003 |
| Weakness in Passphrase Choice in WPA Interface | Robert Moskowitz | November 4, 2003 |
| Debunking the Myth of SSID Hiding | Robert Moskowitz | December 1, 2003 |
| Channels, Power Levels, and Antenna Gains (802.11 a/b) | Cisco | 2004 |
| WLAN Security Monitors | Frank Bulk | March, 2004 |
| 802.11i specification (Amendment 6: MAC Security Enhancements) | IEEE 802.11 | June 2004 |
| Moser Informatik Auditor Security Collection (Auditor) - Product Review | Humphrey Cheung | July 1, 2004 |
| LEAP: A looming disaster in Enterprise Wireless LANs | George Ou | July 6, 2004 |
| EAP-FAST: The LEAP and PEAP killer? | George Ou | July 6, 2004 |
| Surviving the Running Man Competition at Defcon 12 | Blackthorn Systems | July 30, 2004 |
| Cracking the wireless security code (benchmarking 23 from 17) | J. Snyder, R. Thayer | October 4, 2004 |
| Wireless Local Area Network Security - Obscurity Trough Security | OUSPG | October, 2004 |
| WEP: Dead Again, Part 1 | Michael Ossmann | December 14, 2004 |
| WLAN and Stealth Issues | Oudot Laurent | 2005 |
| Identifying and Responding to Wireless Attacks | Chris Hurley | 2005 |
| Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part I | Mick Bauer | March, 2005 |
| Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part II | Mick Bauer | March, 2005 |
| Paranoid Penguin - Securing WLANs with WPA and FreeRADIUS, Part III | Mick Bauer | March, 2005 |
| Wireless LAN security guide | George Ou | June, 2005 |
| Design and Implementation of a Wireless IDS | L. Butti & F. Veysset | February, 2005 |
| WEP: Dead Again, Part 2 | Michael Ossmann | March 8, 2005 |
| Cracking Wi-Fi Protected Access (WPA), Part 1 | Seth Fogie | March 4, 2005 |
| Cracking Wi-Fi Protected Access (WPA), Part 2 | Seth Fogie | March 11, 2005 |
| Evasión de Filtros MAC en Redes 802.11 | Univ. Andes | March, 2005 |
| The Feds can own your WLAN too | Humphrey Cheung | March 31, 2005 |
| How To Crack WEP – Part 1: Setup & Network Recon | Humphrey Cheung | May 10, 2005 |
| How To Crack WEP - Part 2: Performing the Crack | Humphrey Cheung | May 18, 2005 |
| Overview of the WPA wireless security update in Windows XP * | Microsoft | March 24, 2005 |
| Microsoft Windows XP SP2 WPA2 support | Microsoft | May 6, 2005 |
| Mapping the 802.11 Protocol (poster) | Matthew Gast | May 20, 2005 |
| 128 Bit Wep cracking (Flash video) | Digi | May, 2005 |
| Weaknesses in Wireless LAN Session Containment (paper) | Joshua Wright | May, 2005 |
| Understanding the updated WPA and WPA2 standards * ** | George Ou | June 2, 2005 |
| Distributed Wireless Security Monitors | Frank Bulk | June, 2005 |
| Attacking WiFi nets with traffic injection (2nd Ed) | Cedric Blancher | June, 2005 |
| Void11 Mass De-Authentication (Flash video) | Digi | June, 2005 |
| WPA Cracking (Flash video) | Digi | June, 2005 |
| Rogue Squadron | Shmoo Group | July, 2005 |
| Cracking WEP with WHAX (Flash video) | Christophe Devine | July, 2005 |
| Cracking WPA with WHAX (Flash video) | Christophe Devine | July, 2005 |
| Attacks on wireless clients: Hotspotting | Max Moser | July, 2005 |
| RF Fingerprinting for Intrusion Detection in Wireless Networks | J. Hall, et.al. | July, 2005 |
| 802.11 VLANs and Association Redirection | Johnny Cache | September, 2005 |
| The Fragmentation Attack in Practice | Andrea Bittau | September, 2005 |
| Four Ways To Monitor Your Wireless Network | SANS Webcast | October, 2005 |
| Migrating from WEP to WPA2 | SANS Webcast | January, 2006 |
| Linux and wireless networking | LWN | January, 2006 |
| Wi-Fi Security's Personal Problems | Andy Dornan | March, 2006 |
| Channel Sampling Strategies for Monitoring Wireless Networks | U. Deshpande et.al. | April, 2006 |
| How 802.11w will improve wireless security (TGw PAR and project) | Joshua Wright | May, 2006 |
| Hack the 802.11 MAC Protocol Exploit Analysis | Amilabs | May, 2006 |
| New Methods of Spoof Detection in 802.11b Wireless Networking | Douglas Madory | June, 2006 |
| Upside-Down-Ternet: fun with wireless | Pete Stevens | June, 2006 |
| Establishing Wireless Robust Security Networks: A Guide to IEEE 802.11i | NIST | June, 2006 |
| Wireless IDS/IPS: Safe Inside a Bubble | Frank Bulk | June, 2006 |
| Cracking WiFi… Faster! (FPGAs) | David Hulton | June, 2006 |
| Create a secure (WPA2-PSK) Linux-based WiFi AP | StoneLion | July, 2006 |
| Cool and Illegal Wireless Hotspot Hacks | Daniel V. Hoffman | July, 2006 |
| The "Janus Project": massive WiFi sniffing | H. Cheung | August, 2006 |
| (WiFi) Device Drivers | j. cache & D. Maynor | August, 2006 |
| Wi-Fi Advanced Stealth | F. Veysset & L. Butti | August, 2006 |
| Faster PwninG Assured (FPGAs) | D. Hulton & D. Moniz | August, 2006 |
| 802.11b Firmware-Level Attacks | J. Wright, M. Kershaw | September, 2006 |
| WiMAX System Overview | Rohde &Schwarz | November, 2006 |
| The Month of Kernel Bugs (MoKB) - 7 WiFi drivers vulnerabilities | LMH | November, 2006 |
| Técnicas de Detección de Intrusiones en Redes 802.11 | Asier Martínez | November, 2006 |
| Wireless Networking with Windows Vista in a Domain Environment | Z. Alexander | December, 2006 |
| WiMAX security issues | Joshua Wright | December, 2006 |
| Windows client update to prevent the wireless advertising of the PNL | Microsoft | January, 2007 |
| Wireless Forensics - Tapping the Air - Part I | Raul Siles | January, 2007 |
| Wireless Forensics - Tapping the Air - Part II | Raul Siles | January, 2007 |
| Wave Bubble - A design for a self-tuning portable RF jammer | Lady Ada | January, 2007 |
| Exploiting 802.11 Wireless Driver Vulnerabilities on Windows | J. Cache, HD Moore, skape | January, 2007 |
| Ultimate guide to enterprise Wireless LAN security (PDF) | George Ou | January, 2007 |
| Learning About WMM and 802.11e | Chris Geaghan | March, 2007 |
| Extensible 802.11 Packet Flinging (LORCON) | J. Wright, M. Kershaw | March, 2007 |
| Hacking the Airwaves with FPGAs (Schmoocon 07) | h1kari (David Hulton) | March, 2007 |
| Issues with SSID cloaking and three risks | J. Wright | March, 2007 |
| Wi-Fi Advanced Fuzzing (handouts) | Laurent Butti | March, 2007 |
| RF Basics: Part 1 | Subbu Ponnuswamy | April, 2007 |
| 802.11r: Wireless LAN Fast Roaming | Dave Molta | April, 2007 |
| Breaking 104 bit WEP in less than 60 seconds (RC4 maths) | E. Tews, R. Weinmann and A. Pyshkin | April, 2007 |
| What else do you need not to use WEP anymore? | Raul Siles | April, 2007 |
| Breaking 40-bit WEP in less than 30 seconds? | Raul Siles | April, 2007 |
| AirDefense "WEP Cloaking": Perpetuating Flawed Protocols | J. Wright | April, 2007 |
| How WiFi Ad-Hoc Networks are Like Zombies (Free Public WiFi) (Part II) | J. Wright | May, 2007 |
| Why VPN can’t replace Wi-Fi security | George Ou | May, 2007 |
| Wi-Fi CERTIFIED™ 802.11n draft 2.0: Taking Wi-Fi® to the Next Level | Wi-Fi Alliance | May, 2007 |
| RIPPS: Detecting Unauthorized Wireless Hosts (pdf) | C. Mano, et al | May, 2007 |
| What MFP will do for your WLAN | J. Wright | May, 2007 |
| 802.11 Specifications (Part 11: Wireless LAN MAC and PHY) - update | IEEE 802.11 | June 2007 |
| A secure Wireless LAN hotspot for anonymous users | George Ou | July, 2007 |
| The Emperor Has No Cloak – WEP Cloaking Exposed (humorous) | Vivek Ramachandran | August, 2007 |
| To WEP or not to WEP. That is the question! | Raul Siles | August, 2007 |
| Abusing and Misusing Wireless Cameras | Seth Fogie | September, 2007 |
| Five Wireless Threats You May Not Know | J. Wright | September, 2007 |
| WEP Caffe Latte Vulnerability (Toorcon9 presentation) | AirTight | October, 2007 |
| Wireless Threats and Practical Exploits | J. Wright (Aruba) | October, 2007 |
| A Closer Look at Wireless
Intrusion Detection: How to Benefit from a Hybrid Deployment Model | J. Wright (Aruba) | December, 2007 |
| The 10 Minute Wireless VPN: iPIG | C. Peikari & S. Fogie | January, 2008 |
| PEAP: Pwned Extensible Authentication Protocol (tool) | J. Wright, B. Antoniewicz | February, 2008 |
| Wireless security foiled by new exploits | J. Wright | February, 2008 |
| High Speed Risks in 802.11n Networks - Tools (RSA) | J. Wright | April, 2008 |
| WiMax: Just Another Security Challenge? | S. Barish | August, 2008 |
The drivers supported by every tool have been listed after the tool name. The nomenclature used for naming the drivers is:
HostAP (H), Wlan-ng (W), Prism54 (P), Madwifi (M), Hermes/Orinoco (O), Ralink (R), RealTek (RT), Cisco Aironet (A), Intel Centrino (C)... If a specific tool supports almost all drivers, it is listed as all and if it is based on LORCON (multi-driver library) it appears as (L).
If a tool simply requires to have a driver that support monitor mode, it is denoted by (RFMON).
The drivers and wireless chipset relationships is listed under the "Drivers (Linux)" section below.
|
|
| Drivers (Linux) |
| Host AP | Jouni Malinen | Host AP driver for Intersil Prism2/2.5/3, hostapd, and WPA Supplicant |
| Wlan-ng | AbsoluteValue Sys | Complete, standards based, wireless LAN system for Prism cards |
| AirJack | M. Lynn, R. Baird | Driver for 802.11(a/b/g) raw frame injection (essid_jack, wlan_jack...) |
| MADwifi-ng | Michael Renzmann | Multiband Atheros driver for WiFi cards |
| Prism54 | Luis R. Rodriguez | Linux driver for the 802.11g Prism (GT, Duette, Indigo) chipsets |
| IPW2100 | James Ketrenos | Intel Pro/Wireless 2100 Centrino (b) |
| IPW2200 | James Ketrenos | Intel Pro/Wireless 2200 BG Centrino (a/b/g, ipw2200 and ipw2915) |
| IPW3495 | Zhu Yi | Intel Pro/Wireless 3495 ABG adapter (a/b/g) (injection patch) |
| Intel 4965AGN | Intel | Intel WiFi 4965AGN adapter (a/b/g/n) - iwlwifi |
| orinoco_cs | David Gibson | Lucent/Agere, Prism2 & Symbol Spectrum24 chipsets (CVS) |
| Hermes AP | Hunz | AP (BSS master) mode with Hermes/Orinoco cards under Linux |
| Broadcom 43xx | BerliOS | Broadcom 43xx Linux wireless driver (specification) |
| RTL8180 | Andrea Merello | Linux drivers for Realtek's WiFi cards |
| RT2x00 | Mark Wallis | Linux drivers for Ralink rt2400, rt2500, rt61 & rt73 chipsets (rt73/2570 enhanced) |
| airo_cs | Cisco | Linux drivers for Cisco Aironet chipsets |
| Zydas (SF) | Mayne | Linux driver for the ZyDAS ZD1211(b) 802.11a/b/g USB WLAN chip |
|
|
LORCON |
| LORCON (Loss Of Radio CONnectivity) is a Linux-based wireless library for packet injection. Specifically, it is a generic library for injecting 802.11 frames, capable of injection via multiple driver frameworks, without forcing modification of the application code. It has been developed by dragorn (Mike Kershaw) and Joshua Wright.
LORCON has been ported to Ruby (ruby-lorcon) by H D Moore, and to Python (pylorcon) by Tom Wambold. |
|
| Suites (Multi-tool distributions) |
| Airbase | Johny Cache | Collection of wireless tools: WEP cracking, traffic injection, libraries (libairware)...
jc-aircrack, jc-wepcrack, pcap-wepcrypt, prism-strip, simple-replay, pcap2air |
| WToolkit (Win) | Toolcrypt | Multiple Windows wireless tools:
eth2wep, wanalyse, wdecrypt, wdump, wdupiv, wfilter, wgetkey, wmerge |
| aircrack (all) | Christophe Devine | 802.11 sniffer and WEP key cracker for Win & Lx: (Version 2.41)
aireplay, airodump, aircrack, 802ether... (Original homepage is offline) |
| aircrack-ng (all) | | Set of tools for auditing wireless networks (Forums) |
| aircrack-ptw (all) | | WEP cracking improvements based on Klein's paper (PTW: Pychkine, Tews and Weinmann) |
|
| Traffic capture, network identification & analysis |
| Kismet (all) | Mike Kershaw | 802.11 layer2 wireless network detector, sniffer, and IDS (gpsmap) (blog) |
| Kismet-newcore (all) | Mike Kershaw | Kismet rewritten... + doomcube |
| Kismet for Windows | Josh Wright | Kismet for Windows useful to monitor WRT54G drones |
| gkismet | Anton Solovyev | A GUI Kismet client (Gnome/Gtk perl based) |
| Netstumbler (Win) | Peter K. Lee | A Wireless 802.11(b) Network Analyzer (stumbler.net) |
| AirTraf (W, A) | Marius Milner | Windows tool to detect WLANs 802.11b/a/g
(original) |
| Wellenreiter (H, A) | Remote Exploit | Wireless network discovery and auditing tool |
| THC Wardrive (W) | THC | Tool for mapping wireless networks with a GPS |
| WifiScanner (H, W) | HSC | Tool for wireless nodes discovery |
| WiCrawl (all) | Midnight RL | AP auditing tool (Plug-ins) |
| Ferret | Errata Security | Wireless hotspot information leakage and correlation tool (Hamster/Sidejacking) |
| WiFiZoo | Hernan | Wireless passive sniffer and correlation tool |
| FreeRADIUS-WPE | J. Wright, B. Antoniewicz | FreeRADIUS - Wireless Pwnage Edition |
| MoocherHunter | ThinkSECURE | Tool to physically hunt down and geo-locate wireless moochers, hackers and other unauthorized users. |
|
| Traffic injection |
| void11 (H) | Reyk Floeter | Implementation of some basic DoS 802.11b attacks (gvoid11, GUI) |
| airpwn (all, old:H) | Bryan Burns (toast) | Generic packet injection on an 802.11 network (DefCon 12). Now, based on LORCON! |
| airpwn (Windows) | Joshua Wright | Generic packet injection on an 802.11 network (ShmooCon 07). Now, based on LORCON! |
| file2air (L) | Joshua Wright | A tool to inject packets into an 802.11 networks |
| rcovert (P, M) | Laurent Butti | Initiates a covert channel over 802.11 nets (raw injection) |
| Wireshark patch (all) | Asier Martínez | Wi-Fi frame injection patch for Wireshark |
| MDK3 (R) | Pedro Larbig | Multi-purpose tool for common unauthenticated attacks (& MDK2) |
| Zulu (R) | mccoyd | Comand line wireless frame injector |
|
| WEP |
| WEPCrack (RFMON) | Anton T. Rager | An open source tool for breaking 802.11 WEP secret keys
(original) |
| AirSnort (RFMON) | Snax | AirSnort is a WLAN tool which recovers encryption keys (Forums) |
| WepLab (RFMON) | J. I. Sánchez Martín | Tool to teach how WEP works, its vulnerbilities and to break WEP keys |
| WepAttack | D. Blunk, A. Girardet | WLAN open source Linux tool for breaking 802.11 WEP keys |
| WEPWedgie (airjack) | Anton Rager | Tool for determining WEP keystreams and injecting traffic |
| chopchop (W) | KoreK | WEP attacks (inverse adaptive chosen plaintext attack, inductive) |
| afrag (R) | Pedro Larbig | Implementation of the Fragmentation Attack (rt2570) |
| WepOff (usage) | S. Gordeychik | Fake AP frag. attack tool against WEP-based wireless clients. |
|
| EAP, WPA, WPA2... |
| asleap (RFMON) | Joshua Wright | Weak (Cisco) LEAP password recovery tool (MS-CHAPv2). PPTP too. |
| coWPAtty | Joshua Wright | Offline WPA PSK Dictionary Attack Tool |
| wpa_attack | T. Takahashi | WPA Passive Dictionary Attack Overview |
| WPA supplicant | Jouni Malinen | Linux WPA/WPA2/IEEE 802.1X Supplicant |
| Open1X | Group | Open Source Implementation of IEEE 802.1X |
| GRC's password generator | Steve Gibson | WEP & WPA GRC's Ultra High Security Password Generator |
| WPA-PSK Key Generator | Kurtm | WPA pre-shared key generator (Warewolf Labs) |
| SecureW2 (Win) | Alfa & Ariss | The powerful open source EAP-TTLS Client for Windows (& PocketPC) |
|
| WIDS (open-source) |
| AirSnare | Digital Matrix | Windows wireless intrusion detection for unfriendly MAC & DHCP requests |
| APTools | Kirby Kuehl | 802.11b Rogue Access Point Detection |
| Snort-Wireless | Andrew Lockhart | Wireless extensions for Snort |
| WIDZ | Mark Osborne | Wireless Intrusion Detection System, an IDS for 802.11 (Wi-Fi Honeypot) |
|
| Access Points (MITM) |
| ap-utils | Bryan Burns | Wireless Access Point utilities for Unix (using the SNMP protocol) |
| AirSnarf (H) | The Shmoo Group | A rogue AP setup utility |
| Airsnarf Rogue Squadron | The Shmoo Group | A rogue AP implementation for the Linksys WRT54G |
| FakeAP (H) | Black Alchemy Ent. | 802.11b access points counterfeit generator |
| rfakeap (P, M) | Laurent Butti | Emulates IEEE 802.11 APs (wireless raw injection) |
| WKnock | Laurent Oudot | WiFi AP (802.11) knocking tool |
|
| Clients (MITM) |
| Hotspotter | Remote Exploit | Automatic wireless client penetration |
| KARMA (M, H) | Dino D. Zovi | Wireless Client Security Assessment Tools (auto net selection) |
| rglueap (P, M) | Laurent Butti | Catches wireless stations searching for preferred ESSIDs |
| WiFiTAP (P, M, H, W, R, RT) | Cedric Blancher | Direct comm. with an associated station to an AP directly |
| Probemapper (P) | ThinkSECURE | Tool to detect and inspect probe requests |
| Karmetasploit (all) | H D Moore | KARMA + Metasploit 3 == Karmetasploit |
| airbase-ng | aircrack-ng | Multiple client-based WiFi attack (suite) |
| Jasager (FON) | R. Wood | Karma on the FON (OpenWRT) |
|
| VPNs or Captive Portals |
| Wireless heartbeat | | Wireless authentication access control system (Captive portal) |
| Wicap | Brian Caswell | Wireless authentication captive portal |
| SLAN | | Secure LAN, VPN solution between client and service provider |
| Chillispot | Jens Jakobsen | Open source captive portal or wireless LAN access point controller |
| NoCatAuth | Schuyler Erle | Open source captive portal (Perl & C) |
| WiFiDog | Ile sans fil | A captive portal suite |
|
| Linux kernel |
| WiFi kernel stack | James Ketrenos | Open source 802.11 network stack for the Linux kernel |
| WiFi stack | Devicescape | Linux kernel alternative wireless GPL stack |
| WiFi softmac | SIP Solutions | Linux kernel software MAC layer |
| NdisWrapper | | Linux LKM to load and run Ndis (Windows network driver API) drivers |
| DriverLoader | Linuxant | Compatibility-wrapper for Windows NDIS drivers to run on Linux |
|
| Configuration |
| Wireless Assistant | | Linux scanning WiFi client tool (similar to Windows WZC) (NetGo) |
| Network Manager | Red Hat | Linux GUI network configuration utility |
| MAC changer | Alvaro Lopez Ortega | A GNU/Linux utility for viewing/manipulating the MAC address of NICs |
| SimpleMAC (Win) | Dukelupus | Windows MAC address modifying utility |
| SMAC (Win) | KLC Consulting, Inc. | Windows MAC address modifying utility ($$) |
| Macsift (Win) | Nathan True | Free command-line MAC changing utility for Windows XP |
|
| PDAs |
| WiFiFoFum2 | Aspecto Software | WiFi scanner and war driving software for Pocket PC |
| Ministumbler | Peter K. Lee | A Wireless 802.11(b) Network Analyzer for PDAs |
| Pocket Warrior | | Wi-Fi Surveying tool for the Pocket PC |
|
| Radio Frequency (RF) |
| WiSPY-Tools | Mike Kershaw | Open-source tools for supporting the Wi-Spy USB device |
| Wi-Spy software | Metageek | Windows tools for supporting the Wi-Spy USB device |
|
| (Online) WiFi power calculators |
| Wireless Calculator | Zytrax | Complete Javascript WiFi system calculator |
| Wireless utilities | Electro-comm Dist. | Interactive Wireless Network Design Analysis Utilities |
| Communications utilities | CSG | Communications Converters and Calculators |
| 802.11n WLAN Coverage Estimator | Airtight Networks | 802.11n signal estimation and layout calculator |
|
| WiFi-related tools |
| WPA-PSK lookup tables | Church of Wifi | Church of Wifi WPA-PSK Rainbow Tables |
| Rainbowtables | Shmoo | Precomputed rainbow tables (password hashes) - torrent - |
| Rainbowcrack-online | | Commercial pre-generated hash tables |
| CrypTool | TUD, DB | Free tool to apply and analyze cryptographic mechanisms |
| Libro de criptografia | Jorge Ramió | Libro Electronico de Seguridad Informatica y Criptografia |
|
| Live CDs |
| BackTrack | Remote-Exploit | Slackware-based Live CD |
| SkyRidr | Nico Darrow | WiFi FreeFall Toolkit (Auditor CD-based) |
| WiFiSlax | SeguridadWireless | Wireless Auditing Live CD (BT-based) - Spanish |
| WiFiWay | SeguridadWireless | Wireless Auditing Live CD |
| Russix | Russ & Steve | Wireless Auditing Live CD |
| Russix | Russ & Steve | Wireless Auditing Live CD |
| OSWA-Assistant | ThinkSECURE | Wireless Auditing Live CD |
|
| WiFi standards (protocols, security...) |
| IEEE 802.11 | IEEE | IEEE 802.11 group
(timelines) |
| IEEE wireless | IEEE | IEEE wireless standards development (Wireless World) |
| IETF | IETF | Internet Engineering Task Force |
| Wi-Fi Alliance | Wi-Fi Alliance | |
| WPA | Wi-Fi Alliance | Wi-Fi Protected Access |
| WPA2 | Wi-Fi Alliance | Wi-Fi Protected Access 2 |
| Wi-Fi Security | Wi-Fi Alliance | Wi-Fi security recommendations |
|
| WiFi Portals & Webs (mostly security-related) |
| CIS WiFi | CIS | CIS Benchmark for Wireless Infrastructure |
| Default wireless settings | Remote Exploit | Wireless default settings and related vulnerability listx |
| Wi-Fi Planet | | The source for Wi-Fi business & technology |
| The Linux Wireless LAN Howto | Jean Tourrilhes | Open Source project sponsored by Hewlett Packard |
| Wireless Extensions & Tools | Jean Tourrilhes | Open Source project sponsored by Hewlett Packard |
| The Unofficial 802.11 Security | Bernard Aboba | The Unofficial 802.11 Security Web Page |
| Wi-Fi Dog of War Mini How-To | Beetle | Laptop for wireless assessments |
| Wireless hacks | O'Reilly | Wireless hacks articles from the book |
| Wireless LAN Security | Jacco Tunnissen | Wardriving & Warchalking |
| Wardriving.com | Fred | Wardriving portal |
| Warchalking | | Warchalking information |
| George Ou blog | George Ou | Wireless news and articles |
| WirelessDefence | | Wireless site for 802.11a/b/g WLAN Security |
| WiFi Geek Portal | | All your WLAN belong to us... |
| Slashdot WiFi news | | Updated wireless news from Slashdot |
| Tom's Networking - Wireless | | Tom's Networking wireless related articles |
| WiFipedia | OUSPG/Frontier | Free source of WLAN-related information |
| Wireless Security | C. Peikari, S. Fogie | WiFi Security articles (Informit.com) |
| Wireless Networking | Microsoft | WiFi Windows resources |
| NetworkWorld - Wireless Security | NetworkWorld | WiFi Security column |
| Seguridad Wireless | HWAGM | Wireless security
|
| The Edge | Aruba | Online Secure Mobility community brought to you by Aruba Networks |
|
| Interesting WiFi usages |
| iSPOTS | | How Wireless Technology is Changing Life on the MIT Campus |
| Skyhook Wireless | | Wireles positioning system (WPS) to get the location of any Wi-Fi device (Loki) |
| Project MAP | | MAP (Measure, Analyze, Protect) framework to address attacks on WiFi networks |
|
| Antennas |
| Antenna on the Cheap
| Rob Flickenger | (er, Chip) July, 2001. |
| Pringles modified | | 802.11b Homebrew Antenna Shootout - 2/14/2 |
| Cantenna
| Andrew S. Clapp | Cantenna - yagi design for 802.11b wireless application |
| Building Cantenna | Julian Ho | ThinkSecure |
| Antenna calculator | Lincomatic | A circular waveguide calculator for designing "cantennas" |
| Cantenna calculator | | ThinkSecure |
| Defcon Wifi Shootout 2005 | Defcon 13 | New world record for unamplified wireless networking!! |
|
| Wireless security groups |
| The Shmoo Group | | Information security research and development |
| Trifinite Group | | Research in wireless communications and related areas |
|
| Wireless Forums |
| Kismet Forums | | Kismet |
| Netstumbler Forums | | Netstumbler |
| Church of WiFi Forums | | Church of WiFi |
| Aircrack Forums | | Aircrack |
| SF Wireless Security | |
SecurityFocus Wireless Security mailing-list |
| Remote Exploit Forums | | BackTrack, WHAX, Auditor CD... |
| Wi-Foo Forums | | Wi-Foo book |
| Wi-Spy Forums | | Metageek |
|
| Wireless hardware |
| WLAN Adapter Chipset Directory | AbsoluteValue Sys. | List of WLAN adpaters/cards and their chipset |
| Hardware comparison | Seattle Wireless | Kismet |
| WiFi cards list | ndiswrapper | WiFi cards, chipset and details |
| WiFi certified products | WiFi Alliance | Company, type & capabilities |
| Linux Incompatibility List | David N. Welton | Linux cards that do NOT work with Linux |
| Auditor CD compatibility List | Auditor CD | Auditor CD WiFi compatible hardware (laptops, USBs and cards) |
| Linux cards compatibility List | Werner Heuser | Linux PCMCIA/CF/CardBus Card Survey (sorted by Manufacturer) |
| Linux wireless LAN support | HJ Heins | Wireless Adapter Chipset Directory |
| Wireless cards support | seguridadwireless.net | Wireless cards comparisson table |
| Atheros Customer Products Database | Atheros | Atheros wireless cards mapping |
|
| Linksys firmwares |
| The following is a list of third-party firmwares that work on the open-source Linksys WRT54G access point. Details are available in the Linksys GPL source code center. If you have problems updating the firmware (or restoring the previous version), follow the revival guide: |
|
Sveasoft Alchemy & Talisman,
OpenWrt,
HyperWRT,
WiFiBox,
Airsnarf Rogue Squadron,
Ewrt,
DD-WRT,
EarthLink IPv6,
Sputnik Hotspot,
BatBox |
|
If you are interested in running Kismet on the WRT54G, check
this.
|
|
| Wireless DB and maps |
| Node DB | | Internet wireless access mapping around the globe |
| World Wide Wardrive project | WWWD | Generating awareness of the wireless insecurities |
| WiGLE (Stats) | arkasha & bobzilla | Wireless Geographic Logging Engine |
| Wi-Fi Hotspot list | | The Definitive WiFi HotSpot Directory |
| Wi-Fi Maps | | Wardriving Maps and Hotspot Locator (US) |
| Municipal WiFi | | Municipal wireless project worldwide |
| Jiwire | | Wireless hotspots search enginee |
| Madrid Wireless (freenetworks) | Madrid | Construyendo comunidades de redes inalámbricas |
| Red Libre | | Comunidad de acceso libre a las redes wireless |
| WiFi Sniffer | Lycos.es | Buscador de Hotspots en España |
| WiFi FON | FON | Movimiento FON de acceso libre a Internet (Blog) |
| Los gatos usan WiFi | Ciudad wireless | Blog sobre tecnologías WiFi |
| Observatorio Wireless | IWE-X | Observatorio para la evolución del WiFi en España |
| GPS Visualizer | | Free on-line utility that creates maps and profiles from GPS data |
Wireless Security Live CD Distributions (Jan' 08)