WIRELESS PENETRATION TESTING
WiFi is no longer just a “nice to have” but a mission critical component to many businesses. The Wireless Penetration Testing service covers all threat vectors of wireless networks. Our audits contain attempts to crack wireless encryption and authentication mechanisms, include the set up of rogue access points along with test phishing portals, a variety of man-in-the-middle (MITM) attacks, denial of service testing and Bluetooth security tests.
Authentication & encryption attack testing
We will try to break into wireless access points by performing ethical hacking against common security methods such as MAC authentication, WEP, WPA PSK and WPA-2 PSK and WPA enterprise authentication. The goal of this audit is to break into a wireless network in order to gain access to the network.
Wireless Man-in-the-Middle attack testing
In this audit we will set up rogue and fake access points, waiting for users to connect in order to capture all activities they perform. social engineering techniques will also be employed, such as redirecting users to a fake web page forcing them to re-enter the pre-shared key. Additionally we perform tests around redirecting users in order to capture online activities such as phone calls.
Wireless DDoS attack testing
In this audit, we are attempting to bring the wireless network to a complete hold by either jamming the wireless spectrum or overloading the access points, so legitimate users can’t be served any longer.
Bluetooth attack testing
We evaluate every security aspect of Bluetooth networking in order to gain control over Bluetooth devices, intercept calls (i.e. BT handset to BT earpiece) or render Bluetooth services temporarily unavailable.
Full report (executive summary and in-depth technical report)
Testing only at agreed testing times (i.e. at nights, weekends etc.)
Mitigation advice on encountered vulnerabilities
Never running malicious exploits or DDoS tests unless agreed by client
Instant notification of critical vulnerabilities found during testing phase
Secure report delivery by encrypted email
We are experts in Penetration Testing / Ethical Hacking, Cyber Security and Infrastructure Design
We are an independent third party concerned with finding & fixing flaws and improving infrastructure design
No conflict of interest. We will never work on both you offensive security testing and defensive IT infrastructure management simultaneously
Consultants holding the highest industry and government certifications
Experience across all sectors and business sizes
Dedicated Red Team approach with specialists in all technologies
Using international testing frameworks such as: OWASP, NIST, SANS, etc. as well as standards including: ISO 27001, PCI DSS, Cyber Essentials and GDPR
Your security is our priority!
Download Flyer and Sample Reports
References and Certifications
If you would like to speak to one of our existing customers, we are happy to arrange that. Please note that a lot of customers wish to remain anonymous and not to serve as a reference due to the sensitivity of the work we perform. Naturally we always comply with our customers. We do however have some clients who are happy to serve as references. Should you require validation of our consultant’s certifications, we can arrange that as well.