WAIDPS [Wireless Auditing, Intrusion Detection & Prevention System]
Description:
WAIDPS is an open source wireless swissknife written in Python and work on Linux environment. This is a multipurpose tools designed for audit (penetration testing) networks, detect wireless intrusion (WEP/WPA/WPS attacks) and also intrusion prevention (stopping station from associating to access point). Apart from these, it will harvest all WiFi information in the surrounding and store in databases. This will be useful when it comes to auditing a network if the access point is ‘MAC filtered’ or ‘hidden SSID’ and there isn’t any existing client at that moment.
WAIDS may be useful to penetration testers, wireless trainers, law enforcement agencies and those who is interested to know more about wireless auditing and protection. The primarily purpose for this script is to detect intrusion. Once wireless detect is found, it display on screen and also log to file on the attack. Additional features are added to current script where previous WIDS does not have are :
· automatically save the attack packets into a file
· interactive mode where users are allow to perform many functions
· allow user to analyse captured packets
· load previously saved pcap file or any other pcap file to be examine
· customizing filters
· customize detection threshold (sensitivity of IDS in detection)
At present, WAIDS is able to detect the following wireless attacks and will subsequently add other detection found in the previous WIDS.
- Association / Authentication flooding
- Detect mass deauthentication which may indicate a possible WPA attack for handshake
- Detect possible WEP attack using the ARP request replay method
- Detect possible WEP attack using chopchop method
- Detect possible WPS pin bruteforce attack by Reaver, Bully, etc.
- Detection of Evil-Twin
- Detection of Rogue Access Point
The whole structure of the Wireless Auditing, Intrusion Detection & Prevention System will comprise of
Harvesting WiFi Information [Done]
Intrusion Detection [Partially Done]
Intrusion Prevention [Partially Done]
Auditing (Testing network) [Coming Soon]
Other additional item include analyzing of packets, display of captured dump, display network barchart and much more.
Requirements
No special equipment is required to use this script as long as you have the following :
1. Root access (admin)
2. Wireless interface which is capable of monitoring and injection
3. Python 2.7 installed
4. Aircrack-NG suite installed
5. TShark installed
6 TCPDump installed
7 Mergecap installed (for joining pcap files)
8 xterm installed
Note: Application 3 - 8 are already pre-installed in Backtrack and Kali Linux. Save the hassles by running on Kali-Linux.
Download / Installation
Visit https://github.com/SYWorks/waidps for all documentation and files or download the raw file directly from here
Save the file 'waidps.py' to your Linux Desktop or any directory you like. For my case, i saved it on my desktop and enter the following in the terminal console.
- cd Desktop/
- chmod +x waidps.py
- ./waidps.py
It’s very informative and you are obviously very knowledgeable in this area. You have opened my eyes to varying views on this topic with interesting and solid content. Actually I read it yesterday but I had some thoughts about it and today I wanted to read it again because it is very well written.
BalasHapusHi All!
BalasHapusI'm selling fresh & genuine SSN Leads, with good connectivity. All data properly checked & verified.
Headers in Leads:
First Name | Last Name | SSN | Dob | Address | State | City | Zip | Phone Number | Account Number | Bank Name | DL Number | Routing Number | IP Address | Reference | Email | Rental/Owner |
*You can ask for sample before any deal
*Each lead will be cost $1
*Premium Lead will be cost $5
*If anyone wants in bulk I will negotiate
*Sampling is just for serious buyers
Hope for the long term deal
For detailed information please contact me on:
Whatsapp > +923172721122
Email > leads.sellers1212@gmail.com
Telegram > @leadsupplier
ICQ > 752822040