Wireless Auditing, Intrusion Detection & Prevention System

WAIDPS is an open source
wireless swissknife written in Python and work on Linux environment. This is a
multipurpose tools designed for audit (penetration testing) networks, detect
wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention
(stopping station from associating to access point). Apart from these, it will
harvest all WiFi information in the surrounding and store in databases. This
will be useful when it comes to auditing a network if the access point is ‘MAC
filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.


WAIDS may be useful to
penetration testers, wireless trainers, law enforcement agencies and those who
is interested to know more about wireless auditing and protection. The
primarily purpose for this script is to detect intrusion. Once wireless detect
is found, it display on screen and also log to file on the attack. Additional
features are added to current script where previous WIDS does not have are :

save the attack packets into a file

interactive mode
where users are allow to perform many functions

allow user to
analyse captured packets

load previously
saved pcap file or any other pcap file to be examine


detection threshold (sensitivity of IDS in detection)

At present, WAIDS is able to
detect the following wireless attacks and will subsequently add other detection
found in the previous WIDS.

Association /
Authentication flooding

Detect mass
deauthentication which may indicate a possible WPA attack for handshake

Detect possible
WEP attack using the ARP request replay method

Detect possible
WEP attack using chopchop method

Detect possible
WPS pin bruteforce attack by Reaver, Bully, etc.

Detection of

Detection of
Rogue Access Point

The whole structure of the
Wireless Auditing, Intrusion Detection & Prevention System will comprise of

Harvesting WiFi Information         [Done]

Intrusion Detection                         [Partially Done]

Intrusion Prevention                       [Partially Done]

Auditing (Testing network)            [Coming Soon]

Other additional item
include analyzing of packets, display of captured dump, display network
barchart and much more.

Tutorial & Source

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

The Complete OSINT Tutorial to Find Personal Information About Anyone

This article mainly focuses on how to discover a person's digital footprint and gather personal data by using open-source intelligence (OSINT). So, in its...

How to find the password of hacked email addresses using OSINT

Open-source intelligence or OSINT is a potent technique, and it can give a lot of valuable information, if implemented correctly with the right strategy...

How to Identify Company’s Hacked Email Addresses Using Maltego & HaveIbeenPawned

This article is part of the Maltego OSINT tutorial, where you will learn to identify the already hacked account, and it’s password using the...

5 Key Vulnerabilities in Global Payroll

The cyber threat against payroll is growing in sophistication and frequency, according to the latest FBI cybercrime report. Many of these attacks exploit fixable...