|
1. Kismet
Kismet is an 802.11 layer2 wireless network detector, sniffer, and intrusion detection system. Kismet will work with any wireless card which supports raw monitoring (rfmon) mode, and (with appropriate hardware) can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet also supports plugins which allow sniffing other media such as DECT. Kismet identifies networks by passively collecting packets and detecting standard named networks, detecting (and given time, decloaking) hidden networks, and infering the presence of nonbeaconing networks via data traffic.
-Features :
1. 802.11b, 802.11g, 802.11a, 802.11n sniffing
2. Standard PCAP file logging (Wireshark, Tcpdump, etc)
3. Client/Server modular architecture
4. Multi-card and channel hopping support
5. Runtime WEP decoding
6. Tun/Tap virtual network interface drivers for realtime export of packets
7. Hidden SSID decloaking
8. Distributed remote sniffing with Kismet drones
9. XML logging for integration with other tools
10. Linux, OSX, Windows, and BSD support (devices and drivers permitting)
2. NetStumbler
NetStumbler is a tool for Windows that facilitates detection of Wireless LANs using the 802.11b, 802.11a and 802.11g WLAN standards. It runs on Microsoft Windows operating systems from Windows 2000 to Windows XP. A trimmed-down version called MiniStumbler is available for the handheld Windows CE operating system.
-Used for :
1. Wardriving
2. Verifying network configurations
3. Finding locations with poor coverage in a WLAN
4. Detecting causes of wireless interference
5. Detecting unauthorized ("rogue") access points
6. Aiming directional antennas for long-haul WLAN links
3. WireShark
Wireshark is the world's foremost network protocol analyser. It lets you see what's happening on your network at a microscopic level. It is the de facto standard across many industries and educational institutions.
-Features :
1. Deep inspection of hundreds of protocols, with more being added all the time
2. Live capture and offline analysis
3. Standard three-pane packet browser
4. Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
5. Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
4. AirSnort
AirSnort is a Linux and Microsoft Windows utility (using GTK+) for decrypting WEP encryption on an 802.11b network. Distributed under the GNU General Public License,[1] AirSnort is free software. However, it is no longer maintained or supported.
5. CoWPAtty
CoWPAtty automates the dictionary attack for WPA-PSK. It runs on Linux. The program is started using a command-line interface, specifying a word-list that contains the passphrase, a dump file that contains the four-way EAPOL handshake, and the SSID of the network.