Aireplay-ng Aireplay-ng is primarily useful for generating wireless traffic. Aireplay-ng supports the following attacks. They are listed along with the corresponding number from the tool’s docume...

Airdecap-ng Airdecap-ng is useful after we have successfully retrieved the key to a wireless network. We can use it to decrypt WEP, WPA PSK, or WPA2 PSK capture files. # Keep the packets targeted...

Aircrack-ng Aircrack-ng is considered an offline attack since it works with packet captures and doesn’t require interaction with any Wi-Fi device. It can crack WEP and WPA/WPA2 networks that use p...

TCPDUMP (-i) interface (-w) output file (- for STDOUT) (-U) output each packet as it arrives sudo tcpdump -i wlan0mon -w - -U DUMPCAP (-P) output data on pcap format sudo dumpcap -w - -P -i wlan...

Layout The packet list layout can be rearranged in various ways. Let’s select Edit > Preferences > Appearance > Layout to choose another arrangement. Wireless Toolbar You can display ...

Wireshark Display Filters # packets containing certificates (useful in WPA enterprise) tls.handshake.certificate # wlan.fc.type have four different values: 0, 1, 2, and 3: Management, Control, Dat...

Installing Wireless Card Drivers To install drivers for a specific wireless card we need to upgrade the and update our linux machine as follows: sudo apt update && sudo apt upgrade sudo re...

Wireless Utilities Even though we could still use iwconfig and other tools are deprecated and we shouldn’t use them anymore. The iw utility and its variety of options is the only command we need f...

rfkill Utility rfkill is a tool to enable or disable connected wireless devices. Let’s run rfkill list to display all the enabled Wi-Fi and Bluetooth devices on the system: kali@kali:~$ sudo rfk...

Loading and Unloading Wireless Drivers This guide explains the process to load and unload a wireless driver. If there are two or more devices using the same driver, can cause unexpected results wh...