🕸️Network Scanning attack

Types of Network Scanning

Passive Scanning:

The attacker listens to the Wi-Fi traffic without transmitting any data. This allows them to gather information about nearby networks and devices without being detected.

Purpose: To collect data such as network SSIDs, MAC addresses, signal strength, channel information, and possibly even unencrypted traffic.

Active Scanning:

The attacker sends probe requests to elicit responses from nearby Wi-Fi networks and devices. This type of scanning involves actively transmitting packets.

Purpose: To discover hidden networks (those that do not broadcast their SSIDs) and gather more detailed information about the network infrastructure.

Active vs Passive Scanning

WI-FI Scanning Tools

Passive Scanning Tools

Wireshark:

Description: A network protocol analyzer that captures and analyzes network traffic. Purpose: To inspect packet details, analyze protocols, and detect anomalies in Wi-Fi traffic.

Kismet:

Description: A wireless network detector, sniffer, and intrusion detection system. Purpose: To passively capture traffic, detect hidden networks, and identify devices connected to Wi-Fi networks.

Active Scanning Tools

NetStumbler:

Description: A tool for Windows that detects Wi-Fi networks. Purpose: To find open networks, measure signal strength, and log network data.

Acrylic Wi-Fi:

Description: A Windows-based Wi-Fi scanner. Purpose: To provide detailed information about nearby networks, including SSID, MAC addresses, channels, and encryption types.

Network Enumeration Tools

Aircrack-ng:

Description: A suite of tools for assessing Wi-Fi network security. Purpose: To capture packets, deauthenticate clients, and perform brute-force attacks to crack WEP and WPA-PSK keys.

:

Description: A Wi-Fi network scanner for Windows and macOS. Purpose: To map out network coverage, detect signal overlap, and identify interference sources.

Beacon Frame Spoofing Tools

mdk3:

Description: A tool for various wireless network attacks. Purpose: To create fake beacon frames, perform de-authentication attacks, and more.

aireplay-ng:

Description: Part of the Aircrack-ng suite, used for packet injection. Purpose: To generate de-authentication frames and other packets to disrupt network communications.