BackTrack 5 Wireless Penetration Testing

Watch and learn about wireless penetration testing using the latest version of the BackTrack penetration testing suite
  • Lectures 35
  • Length 3.5 hours
  • Skill Level All Levels
  • Languages English


About This Course

Published 11/2014 English

Course Description

Armed with the essentials, you will learn how to conduct a host of cutting edge wireless attacks. You will learn how to execute attacks such as WLAN packet sniffing, revealing hidden SSIDs, open authentication by defeating MAC address filters, bypassing shared authentication, cracking WEP and WPA/WPA2 encryption.

In addition to documenting the essentials of wireless penetration testing, we will also discuss setting up rogue APs and wireless evil twins, client-based WEP cracking attacks, wireless infrastructure-based attacks, WPS PIN brute force attacks, denial of service (DoS) attacks, eavesdropping and session hijacking, EAP-based enterprise wireless hacking; and much more. Coverage also includes various countermeasures to protect wireless networks against these types of attacks, in order to help bolster the wireless security of any given network.

About the Author

Farrukh Haroon Farhat is an information security professional with over 8 years of experience. He currently works as a Security Analyst in IBM’s Global Technology Services (GTS) division. As a member of the Managed Security Services (MSS) operations team, Farrukh works with multi-vendor network security technologies, helping customers improve their security posture. He previously worked as the IT Security Manager for an emerging telecom operator based in the Middle East. He has also delivered various professional trainings related to Information Security and Networking. Farrukh holds various industry certifications such as CISSP, CISA, CCIE Security (#20184), JNCIE-Security (#91) et al. He actively contributes to various online communities related to network security, such as Cisco Netpro. As a result of his contribution to Cisco’s official support community, he was awarded the ‘Cisco Designated VIP (Security)’ accreditation in 2011.

What are the requirements?

  • The course assumes that you already know the basics of wireless networks and can operate at least one Linux distribution.
  • Designed as a practical video tutorial with step-by-step instructions to teach you about Wireless Penetration Testing, the course has been designed to ensure that topics are presented in a gradual manner, allowing you to grasp the information that's being presented before moving on to more advanced topics.

What am I going to get from this course?

  • Crack WEP, WPA, WPA2, WPS, EAP/Radius based wireless networks
  • Create a practice lab for wireless penetration testing purposes
  • Sniff out and analyze wireless packets from the air
  • Penetrate wireless networks based on the enterprise versions of WPA and WPA2
  • Attack the WLAN infrastructure itself using DoS attacks, Fake APs, and other techniques

Who is the target audience?

  • This course is aimed at security professionals and IT professionals who want to learn about wireless penetration testing using the BackTrack Linux security distribution.


Section 1: Introduction

This video will provide a brief overview of what we'll cover throughout the course.

Section 2: Getting Started

This video will help decide or choose which wireless hardware and software will best suit your needs.


This video will help to download and set up BackTrack 5 R2 for use in wireless penetration tests.


This video will help to set up Wi-Fi access points in three easy steps.

Section 3: Wireless Networks – Rewards and Risks

This video will revisit the theory of wireless networks.


This video will discuss the wireless packet structure and the various fields contained in it.


This video will discuss the various tools available within the aircrack-ng wireless penetration and attack suite.


Eavesdropping on and interpreting wireless frames using various tools, such as Wireshark, tshark, tcpdump, and airodump-ng.

Section 4: WLAN Authentication – Getting Past Invisible Barriers

This video will describe the theory of authentication in general, and wireless authentication protocols.


This video will demonstrate how to bypass hidden/invisible wireless Service Set Identifiers (SSIDs) using the Wireshark and airodump-ng tools.


This video will demonstrate how easy it is to bypass MAC filters frequently employed by network administrators to secure Wi-Fi networks (by utilizing MAC spoofing).


This video will demonstrate how to bypass Shared Key Authentication even though it uses an encrypted challenge handshake process.

Section 5: Exploiting WLAN Encryption Flaws

This video will describe the theory of encryption in general, and wireless encryption protocols.


This video will list three easy steps to find out the WEP encryption key.


This video will help understand the steps required to penetrate WPA or WPA2 PSK based wireless networks.


This video will demonstrate how we can capitalize on the cracked WEP or WPA keys or pass-phrases by authenticating and associating with the compromised network.

Section 6: WLAN Infrastructure – Threats and Countermeasures

This video will demonstrate how we can penetrate wireless networks using the default usernames and passwords that are bundled with various Wi-Fi devices such as access points.


Simulate a Denial-of-service (DoS) attack that is meant to shut down a machine or network.


This video will demonstrate how to exploit implementation weaknesses in the Wi-Fi Protected Setup (WPS) feature, to gain access to the various security settings of vulnerable access points.


This video will demonstrate how to create software-based fake access points using the airbase-ng utility.

Section 7: Advanced Client-based WiFi Attacks

This video will help to understand how we can penetrate wireless networks using wireless end-stations only, without the need of other wireless network elements such as access points.


This video will demonstrate how to create software-based fake access points using the airbase-ng utility, based on the probe request packets sent by wireless clients.


This video will demonstrate how to utilize the message injection and bit-flipping techniques to crack WEP keys based on isolated wireless clients.


This video will show how to combine the Caffe Latte attack and fragmentation techniques to crack WEP keys, once again based on isolated wireless clients.


This video will demonstrate how to execute WPA or WPA2 pre-shared key (PSK) cracking attacks based on wireless clients.

Section 8: WLAN Security – Taking It One Step Further

This video will describe the theoretical details pertaining to MITM-based wireless attacks such as eavesdropping and session hijacking.


This video will demonstrate the essential configuration steps to set up our wireless network for man-in-the-middle attacks.


This video will demonstrate how to carry out eavesdropping and session hijacking attacks based on your MITM setup.


This video will demonstrate how to enumerate the wireless security profiles currently cached on wireless clients.

Section 9: Enterprise Wireless Hacking

This video will demonstrate how to set up the FreeRADIUS daemon and the associated Wireless Pwnage Edition (WPE) patch for WPA enterprise cracking.


Cracking PEAP due to improper configurations, such as a lack of certificate validation on the supplicant side.


Cracking EAP-TTLS due to improper configurations, such as a lack of certificate validation on the supplicant side.


This video will discuss the various best practices related to WPA- or WPA2-based enterprise WLANs.

Section 10: WLAN Penetration Testing – Doing it Effectively!

This video will discuss the four different phases or steps of the wireless penetration testing process.


Taking our wireless pen-testing knowledge to the next level.


Instructor Biography

Packt Publishing, Tech Knowledge in Motion

Packt has been committed to developer learning since 2004. A lot has changed in software since then - but Packt has remained responsive to these changes, continuing to look forward at the trends and tools defining the way we work and live. And how to put them to work.

With an extensive library of content - more than 4000 books and video courses - Packt's mission is to help developers stay relevant in a rapidly changing world. From new web frameworks and programming languages, to cutting edge data analytics, and DevOps, Packt takes software professionals in every field to what's important to them now.

From skills that will help you to develop and future proof your career to immediate solutions to every day tech challenges, Packt is a go-to resource to make you a better, smarter developer.

Packt Udemy courses continue this tradition, bringing you comprehensive yet concise video courses straight from the experts.
