Wireless penetration Testing
eCybersec wireless security testing focuses on enumerating and verifying potential attack vectors and threats to your organization’s wireless infrastructure. The wireless security test is compromised of the following major phases:
Access point discovery
Wireless Penetration Testing
Post wireless exploitation.
eCybersec will first attempt to identify and document all your organization’s wireless access points. The purpose of the discovery phase is to identify points of exterior signal bleeding, inventory authorized access points, detect rogue employee access points, and create a structured plan for the wireless security assessment and wireless penetration test.
Once an inventory of wireless access points has been gathered, eCybersec will attempt to enumerate weaknesses within the wireless infrastructure. eCybersec testing will include both attacks against the wireless access points and wireless clients. Tests may include, but are not limited to, exploiting weak encryption protocols such as WEP and legacy WPA, open wireless access points and default configurations, and user susceptibility to rogue access point association and to man in the middle attacks. All vulnerabilities and potential attack vectors will be documented and recommendations for mitigation will be provided in the final report.
Once eCybersec has obtained a foothold on the wireless network, consultants will attempt to escalate access to higher privileged areas of the wireless and wired networks to demonstrate impact. This will include an examination of the segmentation between employee and guest wireless networks as well as an examination of segmentation between the wired and wireless networks.