INTELLISEC SOLUTIONS’s security team leverages a wireless assessment methodology based on industry standards such as the Open Source Security Testing Methodology Manual (OSSTMM) and the Penetration Testing Execution Standard (PTES). It enables us to identify a broad range of weaknesses using methods such as:

• War driving, to detect rogue Access Points
• Tests of network segregation, for instance to detect if users of a guest WiFi network can access the corporate network
• Bypassing WLAN authentication, using techniques like MAC spoofing or Shared key guessing
• Cracking WLAN encryption, to see if Wireless traffic can be decrypted
• Testing for default and weak administrative credentials
• Review of Wireless protocols in use, to detect weak protocols
• Testing for advanced enterprise attacks (against 802.1x, EAP, LEAP, PEAP, EAP-TTLS…)
• Attacks against the WLAN infrastructure (Rogue devices, Evil Twin Aps, Man-in-The-Middle…)
• Testing for targeted attacks against Wireless integrity, confidentiality, availability and authentication

As a Wireless penetration test can cover different types of threats and attacks, we start all assessments with a scoping phase. Its goal is to establish with your team the testing required, the scope, goals and timeline.

Once the engagement is started, we first focus on reconnaissance to gather information on your organization’s environment. This allows us to create a testing plan composed of techniques and attacks to test for next.

Vulnerability discovery and exploitation are phases where we combine manual and automated testing to identify and exploit Wireless vulnerabilities such as those mentioned above.

A report is then drafted with details on all technical findings, risks, and prioritized remedial actions.