Wireless Attack and Penetration

A simulated attack against your wireless infrastructure to identify and exploit any vulnerabilities.

Wireless Attack and Penetration Assessments are strategic and isolated attacks against the client’s wireless systems. SecureState consultants will simulate a hacker and attempt to identify, exploit, and penetrate weaknesses within these systems.


Wireless access points provide a simple way for hackers to penetrate your internal network. Either by sitting in a parking lot or driving around a facility or complex, wireless hackers can find ways to compromise your network. A Wireless Attack & Penetration Test will identify vulnerabilities and offer advice for hardening and remediation.


Many of the members of SecureState’s team have prior experience in Military Intelligence and signals analysis and have attacked the wireless networks of a variety of clients including, government agencies and large, multinational corporations. SecureState has also developed publicly available tools, including EAPeak and the Wireless Miniaturized Detector (WMD), which are used by professional security professionals when conducting wireless penetration tests.

Approach and Methodology

During a Wireless Attack and Penetration, SecureState will take a wireless footprint of the target environment to identify all access points that belong to your organization. More importantly, the encryption types used across the wireless environment are determined at this time. Key targets are selected for attack. If unencrypted networks are observed, clear-text transmissions can be sniffed and reassembled in an attempt to identify user credentials and sensitive information. A walk through will also be conducted, looking for existing rogue access points. If any are discovered, SecureState will attempt to locate the device in question and report the findings accordingly.

SecureState may initiate several attacks depending on the wireless environment. If weak protocols are discovered, active attacks will be run in an attempt to break the encryption on the affected networks. These attacks can include man in the middle (MitM) attacks, brute force attacks, session hijacking, and mass de-authentication. If your organization's network is found to be using Enterprise authentication, SecureState will perform tests against the wireless clients themselves in order to determine if these devices are being configured properly.

If SecureState achieves access to your organization's wireless environment, an assessment is performed on the network’s endpoints. Checks are made for proper segmentation between corporate and guest wireless networks and the hardline network. SecureState will progress into the network as vulnerabilities are identified. SecureState will exploit critical exposures to determine the extent of the access that could be achieved by a legitimate attacker. SecureState applies the Vulnerability Linkage Theory (VLT), linking multiple low and medium-severity vulnerabilities together to create higher risk exposures on the system.

wireless_attack_and_penetration (1)
Get Started!