Many of you reading this are already fully aware of the wireless hacking arena, so I’m not going to teach you about that; there are many decent guides on it out there in the ether.
What I did want to point out was a little trick using airodump-ng for wifi scanning. Basically, the “airodump-ng” command runs a scan and tells you information about the surrounding wireless APs.
I’m using Kali Linux for all my research. First, you need to make sure that your device is in monitor mode:
airmon-ng start wlan0
Once that is sorted, we can run airodump-ng against the monitor interface:
airodump-ng wlan0mon
You will see a nice little list of wireless APs, along with the MAC addresses of those APs.
You’ll need those later if you decide to test WPS on the routers (that you own, obviously).
A few new tricks I had never used were --uptime and --manufacturer.
These give loads of information that can be used when doing recon on a target. They give you a chance to go and google for the best tactics to use and how stable the connection is for that target.
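
Where those two columns come from, as an added example that is not part of the original post or of airodump-ng's own code: uptime is read from the 64-bit timestamp every beacon carries, and the manufacturer from the first three bytes of the BSSID. The OUI table, the sample frame, the output format and all function names are constructed for illustration.

```python
import struct

# Constructed stand-in (assumption) for the IEEE OUI list that airodump-ng consults.
OUI_TABLE = {"00:11:22": "ExampleVendor (constructed)"}

def build_sample_beacon(bssid: bytes, tsf_us: int) -> bytes:
    """Constructed beacon: 24-byte MAC header + 12 bytes of fixed fields, no radiotap."""
    header = b"\x80\x00" + b"\x00\x00" + b"\xff" * 6 + bssid + bssid + b"\x00\x00"
    return header + struct.pack("<QHH", tsf_us, 100, 0x0411)

def parse_beacon(frame: bytes):
    """Return (bssid, tsf_microseconds) from a raw 802.11 beacon frame."""
    if len(frame) < 36:
        raise ValueError("too short for MAC header plus beacon fixed fields")
    ftype, subtype = (frame[0] >> 2) & 0x3, (frame[0] >> 4) & 0xF
    if (ftype, subtype) != (0, 8):
        raise ValueError("not a beacon (management type 0, subtype 8)")
    bssid = ":".join(f"{b:02X}" for b in frame[16:22])  # address 3 = BSSID
    (tsf_us,) = struct.unpack_from("<Q", frame, 24)      # little-endian microseconds
    return bssid, tsf_us

def uptime(tsf_us: int) -> str:
    """Turn the beacon timestamp into days and hh:mm:ss since the AP's clock started."""
    days, rem = divmod(tsf_us // 1_000_000, 86400)
    hours, rem = divmod(rem, 3600)
    mins, secs = divmod(rem, 60)
    return f"{days}d {hours:02d}:{mins:02d}:{secs:02d}"

def manufacturer(bssid: str) -> str:
    """Look up the vendor prefix; locally administered addresses have none."""
    if int(bssid[:2], 16) & 0x02:  # U/L bit set: address was not assigned by a vendor
        return "locally administered (no vendor)"
    return OUI_TABLE.get(bssid[:8].upper(), "Unknown")

if __name__ == "__main__":
    # Constructed sample: an AP whose clock has been running 3 days, 4:05:06.
    tsf = (3 * 86400 + 4 * 3600 + 5 * 60 + 6) * 1_000_000 + 123
    frame = build_sample_beacon(bytes.fromhex("001122334455"), tsf)
    bssid, tsf_us = parse_beacon(frame)
    print(bssid, uptime(tsf_us), manufacturer(bssid))
```

The timestamp is whatever the AP chooses to send and restarts from zero on reboot, and a locally administered BSSID has no vendor entry, so treat both columns as hints when inventorying your own APs.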