wireless swissknife written in Python and work on Linux environment. This is a
multipurpose tools designed for audit (penetration testing) networks, detect
wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention
(stopping station from associating to access point). Apart from these, it will
harvest all WiFi information in the surrounding and store in databases. This
will be useful when it comes to auditing a network if the access point is ‘MAC
filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.
WAIDS may be useful to
penetration testers, wireless trainers, law enforcement agencies and those who
is interested to know more about wireless auditing and protection. The
primarily purpose for this script is to detect intrusion. Once wireless detect
is found, it display on screen and also log to file on the attack. Additional
features are added to current script where previous WIDS does not have are :
save the attack packets into a file
where users are allow to perform many functions
allow user to
analyse captured packets
saved pcap file or any other pcap file to be examine
detection threshold (sensitivity of IDS in detection)
At present, WAIDS is able to
detect the following wireless attacks and will subsequently add other detection
found in the previous WIDS.
deauthentication which may indicate a possible WPA attack for handshake
WEP attack using the ARP request replay method
WEP attack using chopchop method
WPS pin bruteforce attack by Reaver, Bully, etc.
Rogue Access Point
Wireless Auditing, Intrusion Detection & Prevention System will comprise of
Other additional item
include analyzing of packets, display of captured dump, display network
barchart and much more.