WiFi is Internet on the go, without coverage.
Let us cover your WiFi testing needs.
Identify Wireless Security Vulnerabilities
Simply because of their nature, wireless networks are inherently less secure than wired networks.
From rogue access points and weak encryption algorithms to customers that access your wireless networks, threats to WiFi networks are unique and the risk they pose for businesses can be significant. It is for this very reason that businesses must be cognizant of the security implications associated with an unsecured wireless network.
Our wireless penetration testing services can help you evaluate the security of your wireless implementations and we can provide you with remediation recommendations for improvement.
Use your mouse to hover over the pie chart and see the stats.
A Hybrid Approach
All of our WiFi Penetration Tests go beyond standards – such as NIST – and your test will come with a detailed final report.
Your detailed final report will include an executive summary, a listing of findings, risk ratings and remediation recommendations. A letter of attestation can be provided upon your request.
Throughout the WiFi penetration testing process, automated as well as comprehensive manual testing will be used to identify all wireless network and business-logic related vulnerabilities.
- WIFI Misconfiguration
- Legacy Encryption
- Weak Encryption Keys
- Evil Twin Attacks
- Insecure EAP Types
- WIFI Protected Setup (WPS) Vulnerabilities
Our Systematic Protection
Process
Many organizations use WiFi networks for better employee collaboration and customer satisfaction as guests. WiFi networks can be less secure because of broadcasting the network outside of the organization. Additionally, if the access points aren’t set up correctly, attackers can gain access to the network. If the WiFi network isn’t segmented from the other networks within the organization, an unauthorized user could gather valuable company information. MainNerve’s WiFi penetration test can help identify these vulnerabilities with our state of the art testing methodology.
- Many people forget about their wireless network security, especially since they don’t often use it as they are hard-wired in.
The planning phase of the WiFi penetration testing process includes establishing the overall timeline of the WiFi security test, whether or not the test will be performed using White, Gray, or Black Box methodologies, communicating about on- and off-limit access points, and creating the Rules of Engagement (ROE).
MainNerve will perform extensive enumeration and footprinting of the wireless target environments to identify and verify all access points. MainNerve will also determine the encryption types used across the wireless environment. At this point, key targets will then be selected for exploitation during the attack phase. If, during the discovery phase, unencrypted networks are discovered, clear-text transmissions will be captured and reassembled to identify user credentials and other sensitive information.
The attack phase of the WiFi penetration test process is where exploitation of vulnerabilities occurs. MainNerve may initiate several attacks depending on the wireless environment. These attacks can include man-in-the-middle and brute force attacks, exploitation of rogue access points, session hijacking, and more. MainNerve will try to exploit potential vulnerabilities by utilizing a blend of custom, open source, and commercial software tools. MainNerve will try to exploit a vulnerable host with the explicit intention of accessing sensitive information, establishing a persistent presence on the network, and exploiting the trusts of related systems.
At MainNerve, we consider the final phase of the WiFi penetration testing process, reporting, to be the most crucial and instrumental step. During this phase, we take great care to ensure we effectively communicate the value of our service and findings as thoroughly as possible. Our main goal is to ensure that all information from the WiFi security assessment is clearly understood and that a roadmap toward remediation/mitigation is well defined. A comprehensive final report detailing all testing information and remediation recommendations along with an executive summary is securely delivered during this step.