Hacking Software for WiFi Security Professionals

Security professionals need to be intimately familiar with a huge assortment of hacking software. There are literally THOUSANDS of hacking tools available for download. Some of these tools are free. Some of them must be purchased. Some of them are open source. Some of them are gold. Some of them are very poor.

And let’s not forget that a lot of hacking software you find may just be trojan horses in disguise. Think about it, if you’re a malicious hacker who wants to sucker a bunch of people into giving you access to their computers, what are you going to do?

You could code a “hacking tool” and offer it for download, meanwhile add in a hidden keylogger and maybe a bot client as well…

Be careful what you download. That goes without saying. However, you can rest assured that the following list of hacking software is all legitimate and will NOT infect your computer with anything bad. These tools are used every day by thousands of IT security professionals and penetration testers, and you should get to know them if you want to get paid to do this stuff. Keep reading for my list of WiFi hacking software. All of the hacking tools listed are included in one or more of my tutorials on this site.

WiFi Hacking Software

The alphabetical list of tools used in the tutorials on this website:

  • Airbase
  • Aircrack
  • Aireplay
  • Airmon
  • Airodump
  • Cowpatty
  • Crunch
  • Fern WiFi Cracker
  • Gerix
  • Hashcat
  • John the ripper
  • Macchanger
  • Mdk3
  • Pyrit
  • Reaver
  • Wireshark

Don’t be alarmed. These are a lot to take in, but I’ll break them down and explain what they do here. My other articles detail how to use these tools and what you can do with them.

Hacking Software for Security Professionals

Airbase-ng

There are a ton of uses for airbase-ng, but one of the coolest things it can do is spoof WiFi networks. Attackers regularly use airbase-ng to create fake wireless access points to trick users into connecting to them. The attackers may offer enticing names like “Free WiFi.” Security professionals can also use airbase-ng to evaluate if company employees will connect to other access points and leak information. You should learn how this tool works.
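The defensive side of the fake access points described above, as an added example that is not from the original article: a check that compares what a monitoring sensor sees against an inventory of deployed access points. The inventory layout, the scan record fields and all sample values are constructed assumptions.

```python
# Added example: flag access points that imitate managed SSIDs (all data below is constructed).

AUTHORIZED = {
    # SSID -> expected security and the (BSSID, channel) pairs we deployed
    "CorpNet": {"security": "WPA2-Enterprise",
                "radios": {("02:00:00:aa:00:01", 1), ("02:00:00:aa:00:02", 6)}},
    "CorpGuest": {"security": "WPA2-PSK",
                  "radios": {("02:00:00:aa:00:03", 11)}},
}

SCAN = [  # one record per beacon seen by a monitoring sensor (constructed)
    {"ssid": "CorpNet", "bssid": "02:00:00:AA:00:01", "channel": 1, "security": "WPA2-Enterprise"},
    {"ssid": "CorpNet", "bssid": "02:00:00:bb:00:09", "channel": 6, "security": "Open"},
    {"ssid": "CorpGuest", "bssid": "02:00:00:aa:00:03", "channel": 4, "security": "WPA2-PSK"},
    {"ssid": "Free WiFi", "bssid": "02:00:00:cc:00:07", "channel": 6, "security": "Open"},
    {"ssid": "corpnet ", "bssid": "02:00:00:dd:00:05", "channel": 1, "security": "WPA2-PSK"},
]

def normalize(ssid):
    """Fold case and whitespace so near-identical names compare equal."""
    return "".join(ssid.split()).lower()

def find_suspect_aps(scan, authorized):
    """Return (bssid, ssid, reason) for every beacon that fails a check."""
    by_norm = {normalize(name): name for name in authorized}
    findings = []
    for ap in scan:
        bssid = ap["bssid"].lower()
        managed = by_norm.get(normalize(ap["ssid"]))
        if managed is None:
            if ap["security"] == "Open":
                findings.append((bssid, ap["ssid"], "unmanaged open network in our airspace"))
            continue
        policy = authorized[managed]
        known = {b for b, _ in policy["radios"]}
        if ap["ssid"] != managed:
            findings.append((bssid, ap["ssid"], f"look-alike of {managed}"))
        elif ap["security"] != policy["security"]:
            findings.append((bssid, ap["ssid"], "security differs from deployed setting"))
        elif bssid not in known:
            findings.append((bssid, ap["ssid"], "unknown BSSID for managed SSID"))
        elif (bssid, ap["channel"]) not in policy["radios"]:
            # A known BSSID on the wrong channel may be a cloned MAC address.
            findings.append((bssid, ap["ssid"], "known BSSID on unexpected channel"))
    return findings

if __name__ == "__main__":
    for finding in find_suspect_aps(SCAN, AUTHORIZED):
        print(*finding, sep=" | ")
```

Because a BSSID can be changed in software, the inventory match alone is not proof of legitimacy, which is why the security setting and channel are checked as well.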

Aircrack-ng

Aircrack-ng is the granddaddy of WiFi cracking tools. It can crack WEP, WPA, and WPA2 networks. It can crack WEP using statistical analysis of captured IVs, and it can crack WPA and WPA2 using dictionary files. It is available only through a Linux OS like BackTrack or Kali, where it is often already installed.

Aireplay-ng

Aireplay is a traffic generation tool. It’s used to inject WiFi frames and is usually run in conjunction with airodump and aircrack. Why would you necessarily want to generate traffic and inject it into the wireless access point you’re targeting? By generating traffic and injecting it, aireplay can greatly increase the speed with which you can crack WEP.

Airmon-ng

Airmon is used to place your wireless adapter into monitor and packet injection mode. You need a wireless adapter capable of packet injection like the Alfa wireless adapter line. We use airmon-ng a LOT on this website.

Airodump-ng

Airodump sniffs WiFi traffic and stores it to a file. We use airodump quite a lot as well, especially in attacking WEP and WPA or WPA2 networks. Airodump stores the packets that we will later run password cracking tools against.

Cowpatty

Cowpatty is WPA and WPA2 hacking software. It can attack WPA / WPA2 networks using dictionary attacks and precomputed attacks using special rainbow tables.

Crunch

Crunch is a wordlist generator. You can specify a character limit, like 1 through 8 characters, and a character set, such as all upper- and lowercase English characters, plus numbers. Crunch will then generate a list of all possible combinations and permutations of that character set. This can result in a sort of dictionary / bruteforce attack.
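To see what "all possible combinations" means in practice for a passphrase policy, the following added example (not from the original article and not Crunch's own code) counts the candidates and the on-disk size of an exhaustive list. The guess rate is an assumed figure for illustration, not a benchmark of any tool.

```python
# Added example: size of an exhaustive wordlist for a given policy.
# GUESSES_PER_SECOND is an assumed rate for illustration, not a benchmark.
GUESSES_PER_SECOND = 100_000
SECONDS_PER_YEAR = 365 * 24 * 3600


def keyspace(charset_size, min_len, max_len):
    """Return (candidates, bytes_on_disk) for every string in the length range."""
    candidates = size = 0
    for length in range(min_len, max_len + 1):
        count = charset_size ** length
        candidates += count
        size += count * (length + 1)  # one newline per candidate
    return candidates, size


def years_to_exhaust(candidates, rate=GUESSES_PER_SECOND):
    """Worst-case time to try every candidate at a fixed guess rate."""
    return candidates / rate / SECONDS_PER_YEAR


if __name__ == "__main__":
    policies = {
        "article example: a-z A-Z 0-9, 1-8 chars": (62, 1, 8),
        "digits only, exactly 8 chars": (10, 8, 8),
        "a-z A-Z 0-9, exactly 12 chars": (62, 12, 12),
    }
    for name, (chars, lo, hi) in policies.items():
        total, size = keyspace(chars, lo, hi)
        print(f"{name}: {total:.3e} candidates, {size / 1e12:.1f} TB, "
              f"{years_to_exhaust(total):.1e} years")
```

The comparison shows why passphrase length and character variety matter more than any single tool: each extra character multiplies the list by the size of the character set.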

Fern WiFi Cracker

Fern is a GUI (Graphical User Interface) tool for cracking WEP and WPA networks. It allows attacking WPA using either a dictionary file or by the WPS vulnerability. If you can’t handle command line tools, you can use Fern because it offers a point-and-click interface and is very easy to figure out. (However, you’ll probably be made fun of if you can’t do your job using command line tools.)

Gerix

Gerix is another GUI WiFi hacking software. Again, use it if you have to, but you should really learn to use all the command line tools as well. Don’t cop out by just sticking to GUI hacking tools.

Hashcat

Hashcat is another flavor of WPA hacking software, and it claims to be the fastest WPA cracker available. I haven’t tested that, but hashcat is a great tool to have on your resume. Hashcat is a lot more powerful than most of the other tools we use, because it lets you combine a ton of different attack options like brute force, dictionary, combination, and hybrid brute force / dictionary attacks. You’ll learn all about this in my hashcat tutorial.

John the Ripper

John is a well-known and widely used password cracking tool. We can also use John the Ripper to attack WPA and WPA2 preshared keys.

Macchanger

Macchanger isn’t hacking software, but it does allow us to spoof our wireless adapter’s MAC address to avoid detection, and it’s a tool and technique that malicious hackers use often. For that reason, you should be familiar with macchanger.

MDK3

MDK3, which stands for Murder, Death, Kill 3, is a denial of service tool for WiFi networks. If you can’t hack it, DoS it. MDK3 offers many options to flood an access point and prevent legitimate users from using it.

Pyrit

Pyrit allows you to precompute databases of possible WPA/WPA2 passwords. Pyrit is similar to hashcat.

Reaver

Reaver is one of the best WiFi hacking tools available, because it allows you to hack WPA2 networks WITHOUT dictionary files, brute force attacks, or precomputed/rainbow tables. Reaver does not attack the WPA2 password directly like the other tools do. Reaver attempts to discover the password by attacking WPS PINs, which are 8-digit number strings that enable quick WiFi access. Not all WiFi networks have WPS, but those that do are at risk from a Reaver attack.

Wireshark

Wireshark is a network sniffing tool. We can use Wireshark to capture WPA handshakes for WPA/WPA2 cracking. We can also use Wireshark once connected to the wireless network in order to sniff client data.


So there you have it. A very quick breakdown of wireless hacking software. The tutorials and videos on this site use all of these hacking tools at least once, so you will gain a great understanding of how they work and be on your way to a successful IT security career.