SlideShare a Scribd company logo
Wireless penetration testing
Plan
• Introduction
• What is Penetration Testing?
• Methods of penetration testing
• Types of penetration testing
• Phases of penetration testing
• Conclusion
Introduction
• Wireless technology made huge changes in the way of
communication
• The use of this technology is increasing day by day, world wide
• Raising concern about security standards
Introduction
• Many encryption and decryption techniques are implemented
• Many authentication methods have been applied
• To ensure security, these techniques must be validated
What is penetration testing?
Penetration testing (aka. Pen Test) is one of the method used
to validate the security mechanisms of the system
Its outcome can be used to secure the network
What is penetration testing?
• Penetration testing is an attack on the system that checks
any potential vulnerabilities
• It identifies security flaws in a system, infrastructure,
applications or network
What is penetration testing?
Penetration testing in Wireless networks is called
Wireless Penetration testing
Methods of penetration testing
Methods of Penetration testing
• There are two penetration testing methods:
1. External Penetration testing
2. Internal Penetration testing
External Penetration testing
• Shows what a hacker would see into the network systems
• The threat is from the associated external network from the
web.
• This check is try to evade firewall, IDS or similar security
solutions
Internal Penetration testing
• Show risks from inside the network
• This check is performed by connecting to the internal LAN
Types of penetration testing
Types of Penetration Testing
• There are three types of penetration testing
1. Black box testing
2. White box testing
3. Grey box testing
Black box Testing
• Zero data regarding the network
• Tester utilizes from publically offered information over the
web
Black box Testing
Benefits:
• Simulates a very realistic scenario (External hacker case)
Black box Testing
Disadvantages:
• Testing time can not be maximized in certain scenarios
• Some areas of the infrastructure might remain untested
White box Testing
• Complete knowledge of the system / network
• The data may be: hosts IP addresses, domains, Applications +
versions, security defenses, network diagrams,…
• Worst-case scenario
White box Testing
Benefits:
• Deep and thorough testing
• Maximizes testing time
• Extends the testing area where black box testing can not
reach (such as quality of code, application design, etc.)
White box Testing
Disadvantages:
• Non realistic attack, as the penetration tester is not in the
same position as an non-informed potential attacker
Grey box Testing
• Partial knowledge of the target system
• The tester is authorized to access to the system
Grey box Testing
Benefits:
• Evaluates internal risks from staff
• More time to test the internal system
Phases of penetration testing
Phases of penetration testing
1. Reconnaissance
2. Scanning
3. Gaining access
4. Maintaining access
5. Covering tracks
Phases of penetration testing
• Gathering preparatory information
• Could be executed actively or passively
• Discovering IP addresses range, domain,
network, mail server, DNS informations, …
Reconnaissance
Scanning
Gaining access
Maintaining access
Covering tracks
V
V
V
V
V
V
V
V
Phases of penetration testing
• Scans internal and external network
devices
• Using specific tools to collect more
knowledge
• Scans for running services, firewall, IDS,
open ports, OS identification, …
Reconnaissance
Scanning
Gaining access
Maintaining access
Covering tracks
V
V
V
V
V
V
V
V
Phases of penetration testing
• Gaining control to one network device at
least
• Collect significant data or use the network
to attack other targets
• Incorporates social Eng. , vulnerabilities
exploitation), …
Reconnaissance
Scanning
Gaining access
Maintaining access
Covering tracks
V
V
V
V
V
V
V
V
Phases of penetration testing
• Maintain access for a longer time to collect
more informations
• Incorporate privileges acceleration,
backdoor installation, …
Reconnaissance
Scanning
Gaining access
Maintaining access
Covering tracks
V
V
V
V
V
V
V
V
Phases of penetration testing
• TO avoid getting traced and caught
• Clearing all kinds of logs and deleting the
uploaded backdoor and anything related
stuff which may later reflect his presence
Reconnaissance
Scanning
Gaining access
Maintaining access
Covering tracks
V
V
V
V
V
V
V
V
Conclusion
• Wireless network is an essential part of todays Information
technologies
• Security concerns are increasing
• Network penetration testing is a method to detect vulnerabilities
References
• Harshdeep Singh & Jaswinder Singh, Penetration Testing in Wireless Networks , 5 Jun 2017
• SecForce, Black box penetration testing vs white box penetration testing,
[https://www.secforce.com/blog/2008/11/black-box-penetration-testing-vs-white-box-
penetration-testing], 3 Nov 2008
• Secureideas, Grey Box Penetration Testing, [https://blog.secureideas.com/2012/12/grey-box-
penetration-testing.html], 4 Dec 2012
• Offensive hacking, Five phases of hacking,
[https://offensivehacking.wordpress.com/2012/10/02/five-phases-of-hacking/], 2 Oct 2012

More Related Content

What's hot (20)

PPTX
Radware - WAF (Web Application Firewall)
Deivid Toledo
 
PPTX
OWASP Top 10 2021 What's New
Michael Furman
 
PDF
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
PPT
Application Security
Reggie Niccolo Santos
 
PPTX
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
PPTX
Web application attacks
hruth
 
PPTX
Static Application Security Testing Strategies for Automation and Continuous ...
Kevin Fealey
 
PDF
Application Security - Your Success Depends on it
WSO2
 
PPTX
Wazuh Security Platform
Pituphong Yavirach
 
PDF
Web Application Security and Awareness
Abdul Rahman Sherzad
 
PDF
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
PDF
KHNOG 3: DDoS Attack Prevention
APNIC
 
PDF
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
PPTX
Firewall presentation
gaurav96raj
 
PDF
Cyber attacks
Anuradha Moti T
 
PPTX
cyber security PPT
Nitesh Dubey
 
PPTX
Cyber Security
Bhandari Hìmáñßhü
 
PDF
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
PDF
SAST vs. DAST: What’s the Best Method For Application Security Testing?
Cigital
 
PPTX
Load Balancing Server
abhishek16pradhan
 
Radware - WAF (Web Application Firewall)
Deivid Toledo
 
OWASP Top 10 2021 What's New
Michael Furman
 
Penetration testing & Ethical Hacking
S.E. CTS CERT-GOV-MD
 
Application Security
Reggie Niccolo Santos
 
Cybersecurity Attack Vectors: How to Protect Your Organization
TriCorps Technologies
 
Web application attacks
hruth
 
Static Application Security Testing Strategies for Automation and Continuous ...
Kevin Fealey
 
Application Security - Your Success Depends on it
WSO2
 
Wazuh Security Platform
Pituphong Yavirach
 
Web Application Security and Awareness
Abdul Rahman Sherzad
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Edureka!
 
KHNOG 3: DDoS Attack Prevention
APNIC
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Firewall presentation
gaurav96raj
 
Cyber attacks
Anuradha Moti T
 
cyber security PPT
Nitesh Dubey
 
Cyber Security
Bhandari Hìmáñßhü
 
Overview of the Cyber Kill Chain [TM]
David Sweigert
 
SAST vs. DAST: What’s the Best Method For Application Security Testing?
Cigital
 
Load Balancing Server
abhishek16pradhan
 

Similar to Penetration testing in wireless network (20)

PPTX
NETWORK PENETRATION TESTING
Er Vivek Rana
 
PPTX
Vapt life cycle
penetration Tester
 
PPTX
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
PPTX
Software Security and IDS.pptx
Muhib Ahmad Sherwani
 
PDF
Application Lecurity Lectures by professor
OmarKhattab41
 
PPTX
Dncybersecurity
Anne Starr
 
PPT
1 (20 files merged).ppt
seshas1
 
PPTX
Vapt pci dss methodology ppt v1.0
Network Intelligence India
 
PPTX
What is penetration testing
sakshisoni076
 
PPTX
Penentration testing
tahreemsaleem
 
PDF
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne
 
PPTX
Cyber Security Hacking and Attack Tree Analysis
AvinashAvuthu2
 
PPTX
Cyber Security Penetration Testing Tools
AvinashAvuthu2
 
PDF
CNIT 152: 4 Starting the Investigation & 5 Leads
Sam Bowne
 
PDF
Cs8792 cns - unit v
ArthyR3
 
PPTX
CS8792 - CNSe - Unit V.pptx Cryptography
ssuser000e54
 
PPTX
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
PDF
The_Pentester_Blueprint.pdf
gcara4
 
PPT
intrusion detection system (IDS)
Aj Maurya
 
PDF
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Obika Gellineau
 
NETWORK PENETRATION TESTING
Er Vivek Rana
 
Vapt life cycle
penetration Tester
 
Vulnerability assessment and penetration testing
Abu Sadat Mohammed Yasin
 
Software Security and IDS.pptx
Muhib Ahmad Sherwani
 
Application Lecurity Lectures by professor
OmarKhattab41
 
Dncybersecurity
Anne Starr
 
1 (20 files merged).ppt
seshas1
 
Vapt pci dss methodology ppt v1.0
Network Intelligence India
 
What is penetration testing
sakshisoni076
 
Penentration testing
tahreemsaleem
 
CNIT 160 4e Security Program Management (Part 5)
Sam Bowne
 
Cyber Security Hacking and Attack Tree Analysis
AvinashAvuthu2
 
Cyber Security Penetration Testing Tools
AvinashAvuthu2
 
CNIT 152: 4 Starting the Investigation & 5 Leads
Sam Bowne
 
Cs8792 cns - unit v
ArthyR3
 
CS8792 - CNSe - Unit V.pptx Cryptography
ssuser000e54
 
Inetsecurity.in Ethical Hacking presentation
Joshua Prince
 
The_Pentester_Blueprint.pdf
gcara4
 
intrusion detection system (IDS)
Aj Maurya
 
Introduction to Penetration testing - GDG DevFest Caribbean 2021 presentation
Obika Gellineau
 
Ad

More from Hadi Fadlallah (20)

PPTX
RaDEn : A Scalable and Efficient Platform for Engineering Radiation Data
Hadi Fadlallah
 
PPTX
ORADIEX : A Big Data driven smart framework for real-time surveillance and an...
Hadi Fadlallah
 
PPTX
What makes it worth becoming a Data Engineer?
Hadi Fadlallah
 
PPTX
Introduction to Data Engineering
Hadi Fadlallah
 
PPTX
An introduction to Business intelligence
Hadi Fadlallah
 
PPTX
Big data lab as a service
Hadi Fadlallah
 
PPTX
Risk management and IT technologies
Hadi Fadlallah
 
PPTX
Fog computing
Hadi Fadlallah
 
PPTX
Inertial sensors
Hadi Fadlallah
 
PPTX
Big Data Integration
Hadi Fadlallah
 
PPTX
Cloud computing pricing models
Hadi Fadlallah
 
PPTX
Internet of things security challenges
Hadi Fadlallah
 
PPTX
Marketing Mobile
Hadi Fadlallah
 
PPTX
Secure Aware Routing Protocol
Hadi Fadlallah
 
PPTX
Bhopal disaster
Hadi Fadlallah
 
PPTX
Cyber propaganda
Hadi Fadlallah
 
PPTX
Dhcp authentication using certificates
Hadi Fadlallah
 
PPTX
Introduction to Data mining
Hadi Fadlallah
 
PPTX
Sql parametrized queries
Hadi Fadlallah
 
PPTX
Introduction to software testing
Hadi Fadlallah
 
RaDEn : A Scalable and Efficient Platform for Engineering Radiation Data
Hadi Fadlallah
 
ORADIEX : A Big Data driven smart framework for real-time surveillance and an...
Hadi Fadlallah
 
What makes it worth becoming a Data Engineer?
Hadi Fadlallah
 
Introduction to Data Engineering
Hadi Fadlallah
 
An introduction to Business intelligence
Hadi Fadlallah
 
Big data lab as a service
Hadi Fadlallah
 
Risk management and IT technologies
Hadi Fadlallah
 
Fog computing
Hadi Fadlallah
 
Inertial sensors
Hadi Fadlallah
 
Big Data Integration
Hadi Fadlallah
 
Cloud computing pricing models
Hadi Fadlallah
 
Internet of things security challenges
Hadi Fadlallah
 
Marketing Mobile
Hadi Fadlallah
 
Secure Aware Routing Protocol
Hadi Fadlallah
 
Bhopal disaster
Hadi Fadlallah
 
Cyber propaganda
Hadi Fadlallah
 
Dhcp authentication using certificates
Hadi Fadlallah
 
Introduction to Data mining
Hadi Fadlallah
 
Sql parametrized queries
Hadi Fadlallah
 
Introduction to software testing
Hadi Fadlallah
 
Ad

Recently uploaded (20)

PPTX
Agentic AI in Healthcare Driving the Next Wave of Digital Transformation
danielle hunter
 
PPTX
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
PPTX
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
PDF
Build with AI and GDG Cloud Bydgoszcz- ADK .pdf
jaroslawgajewski1
 
PDF
Researching The Best Chat SDK Providers in 2025
Ray Fields
 
PPTX
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
PDF
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
PPTX
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
NewMind AI Weekly Chronicles – July’25, Week III
NewMind AI
 
PPTX
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
PDF
Generative AI vs Predictive AI-The Ultimate Comparison Guide
Lily Clark
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PPTX
Simple and concise overview about Quantum computing..pptx
mughal641
 
PPTX
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
Priyanka Aash
 
PDF
Market Insight : ETH Dominance Returns
CIFDAQ
 
PDF
TrustArc Webinar - Navigating Data Privacy in LATAM: Laws, Trends, and Compli...
TrustArc
 
PDF
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
PDF
The Future of Artificial Intelligence (AI)
Mukul
 
PDF
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 
Agentic AI in Healthcare Driving the Next Wave of Digital Transformation
danielle hunter
 
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
Build with AI and GDG Cloud Bydgoszcz- ADK .pdf
jaroslawgajewski1
 
Researching The Best Chat SDK Providers in 2025
Ray Fields
 
Dev Dives: Automate, test, and deploy in one place—with Unified Developer Exp...
AndreeaTom
 
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
Introduction to Flutter by Ayush Desai.pptx
ayushdesai204
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
NewMind AI Weekly Chronicles – July’25, Week III
NewMind AI
 
Agile Chennai 18-19 July 2025 | Emerging patterns in Agentic AI by Bharani Su...
AgileNetwork
 
Generative AI vs Predictive AI-The Ultimate Comparison Guide
Lily Clark
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
Simple and concise overview about Quantum computing..pptx
mughal641
 
AI Code Generation Risks (Ramkumar Dilli, CIO, Myridius)
Priyanka Aash
 
Market Insight : ETH Dominance Returns
CIFDAQ
 
TrustArc Webinar - Navigating Data Privacy in LATAM: Laws, Trends, and Compli...
TrustArc
 
Trying to figure out MCP by actually building an app from scratch with open s...
Julien SIMON
 
The Future of Artificial Intelligence (AI)
Mukul
 
Data_Analytics_vs_Data_Science_vs_BI_by_CA_Suvidha_Chaplot.pdf
CA Suvidha Chaplot
 

Penetration testing in wireless network

  • 2. Plan • Introduction • What is Penetration Testing? • Methods of penetration testing • Types of penetration testing • Phases of penetration testing • Conclusion
  • 3. Introduction • Wireless technology made huge changes in the way of communication • The use of this technology is increasing day by day, world wide • Raising concern about security standards
  • 4. Introduction • Many encryption and decryption techniques are implemented • Many authentication methods have been applied • To ensure security, these techniques must be validated
  • 5. What is penetration testing? Penetration testing (aka. Pen Test) is one of the method used to validate the security mechanisms of the system Its outcome can be used to secure the network
  • 6. What is penetration testing? • Penetration testing is an attack on the system that checks any potential vulnerabilities • It identifies security flaws in a system, infrastructure, applications or network
  • 7. What is penetration testing? Penetration testing in Wireless networks is called Wireless Penetration testing
  • 9. Methods of Penetration testing • There are two penetration testing methods: 1. External Penetration testing 2. Internal Penetration testing
  • 10. External Penetration testing • Shows what a hacker would see into the network systems • The threat is from the associated external network from the web. • This check is try to evade firewall, IDS or similar security solutions
  • 11. Internal Penetration testing • Show risks from inside the network • This check is performed by connecting to the internal LAN
  • 13. Types of Penetration Testing • There are three types of penetration testing 1. Black box testing 2. White box testing 3. Grey box testing
  • 14. Black box Testing • Zero data regarding the network • Tester utilizes from publically offered information over the web
  • 15. Black box Testing Benefits: • Simulates a very realistic scenario (External hacker case)
  • 16. Black box Testing Disadvantages: • Testing time can not be maximized in certain scenarios • Some areas of the infrastructure might remain untested
  • 17. White box Testing • Complete knowledge of the system / network • The data may be: hosts IP addresses, domains, Applications + versions, security defenses, network diagrams,… • Worst-case scenario
  • 18. White box Testing Benefits: • Deep and thorough testing • Maximizes testing time • Extends the testing area where black box testing can not reach (such as quality of code, application design, etc.)
  • 19. White box Testing Disadvantages: • Non realistic attack, as the penetration tester is not in the same position as an non-informed potential attacker
  • 20. Grey box Testing • Partial knowledge of the target system • The tester is authorized to access to the system
  • 21. Grey box Testing Benefits: • Evaluates internal risks from staff • More time to test the internal system
  • 23. Phases of penetration testing 1. Reconnaissance 2. Scanning 3. Gaining access 4. Maintaining access 5. Covering tracks
  • 24. Phases of penetration testing • Gathering preparatory information • Could be executed actively or passively • Discovering IP addresses range, domain, network, mail server, DNS informations, … Reconnaissance Scanning Gaining access Maintaining access Covering tracks V V V V V V V V
  • 25. Phases of penetration testing • Scans internal and external network devices • Using specific tools to collect more knowledge • Scans for running services, firewall, IDS, open ports, OS identification, … Reconnaissance Scanning Gaining access Maintaining access Covering tracks V V V V V V V V
  • 26. Phases of penetration testing • Gaining control to one network device at least • Collect significant data or use the network to attack other targets • Incorporates social Eng. , vulnerabilities exploitation), … Reconnaissance Scanning Gaining access Maintaining access Covering tracks V V V V V V V V
  • 27. Phases of penetration testing • Maintain access for a longer time to collect more informations • Incorporate privileges acceleration, backdoor installation, … Reconnaissance Scanning Gaining access Maintaining access Covering tracks V V V V V V V V
  • 28. Phases of penetration testing • TO avoid getting traced and caught • Clearing all kinds of logs and deleting the uploaded backdoor and anything related stuff which may later reflect his presence Reconnaissance Scanning Gaining access Maintaining access Covering tracks V V V V V V V V
  • 29. Conclusion • Wireless network is an essential part of todays Information technologies • Security concerns are increasing • Network penetration testing is a method to detect vulnerabilities
  • 30. References • Harshdeep Singh & Jaswinder Singh, Penetration Testing in Wireless Networks , 5 Jun 2017 • SecForce, Black box penetration testing vs white box penetration testing, [https://www.secforce.com/blog/2008/11/black-box-penetration-testing-vs-white-box- penetration-testing], 3 Nov 2008 • Secureideas, Grey Box Penetration Testing, [https://blog.secureideas.com/2012/12/grey-box- penetration-testing.html], 4 Dec 2012 • Offensive hacking, Five phases of hacking, [https://offensivehacking.wordpress.com/2012/10/02/five-phases-of-hacking/], 2 Oct 2012