# Wireless Pentesting

## Wi-Fi basic commands

```
ip link show #List available interfaces
iwconfig #List available interfaces
airmon-ng check kill #Kill annoying processes
airmon-ng start wlan0 #Monitor mode
airmon-ng stop wlan0mon #Managed mode
airodump-ng wlan0mon #Scan (default 2.4Ghz)
airodump-ng wlan0mon --band a #Scan 5Ghz
iwconfig wlan0 mode monitor #Put in mode monitor
iwconfig wlan0mon mode managed #Quit mode monitor - managed mode
iw dev wlan0 scan | grep "^BSS\|SSID\|WSP\|Authentication\|WPS\|WPA" #Scan available wifis
```

## Attacks Summary

* **DOS**
  * Deauthentication/disassociation -- Disconnect everyone or Specific clients
  * Beacon Flooding
  * Authentication Denial-Of-Service
  * SSID Probing and Bruteforcing
  * Michael Countermeasures Exploitation
  * EAPOL Start and Logoff Packet Injection
  * Attacks for IEEE 802.11s mesh networks
  * WIDS Confusion
* **WEP** aproach
* **WPA/WPA2 - PSK**
  * Handshake Capture

## WEP

You got a **all-in-one in attack one attack in airgeddon.** Nowadays this security protocol is obsole&#x74;**.**

{% embed url="<https://github.com/v1s1t0r1sh3r3/airgeddon>" %}

### Resources

* [ ] Hacktrickz - [**https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-wifi**](https://book.hacktricks.xyz/generic-methodologies-and-resources/pentesting-wifi)
* [ ] Null Byte - [**https://null-byte.wonderhowto.com/how-to/wi-fi-hacking/**](https://null-byte.wonderhowto.com/how-to/wi-fi-hacking/)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://hackzzz.gitbook.io/welcome/everything-about-and-notes/wireless-pentesting.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.