On This Page

Advanced Wireless Exploitation

Pentester Academy & Aircrack-NG | July 22-23 & July 24-25


A non-exhaustive list of topics to be taught includes:

  • Bypassing WLAN Authentication - Shared Key, MAC Filtering, Hidden SSIDs
  • Cracking WLAN Encryption - WEP, WPA/WPA2 Personal and Enterprise, Understanding encryption based flaws (WEP,TKIP,CCMP)
  • Attacking the WLAN Infrastructure - Rogues Devices, Evil Twins, DoS Attacks, MITM, Wi-Fi Protected Setup
  • Advanced Enterprise Attacks - 802.1x, EAP, LEAP, PEAP, EAP-TTLS
  • Attacking the Wireless Client - Honeypots and Hotspot attacks, Caffe-Latte, Hirte, Ad-Hoc Networks and Viral SSIDs, WiFishing
  • Breaking into the Client - Metasploit, SET, Social Engineering
  • Enterprise Wi-Fi Worms, Backdoors and Botnets
  • Scripting Wi-Fi Attack Tools with Python and Scapy (includes Attack Automation)
  • Custom Firmware Attacks - Reversing and Backdooring router firmware
  • Spectrum Analysis, Card Selection and Hardware theory (antenna, cables, calculating loss, etc)
  • How to generate complex wordlists for cracking
  • High performance cracking (Hashcat, Amazon GPU cloud mostly)
  • Wireless reconnaissance and WiFi direction finding
  • Pentesting IoT device Wi-Fi stacks
  • Extracting firmware from Wi-Fi routers using hardware techniques
  • Checklists and cheatsheets for conducting a Wi-Fi pentest

Who Should Take this Course

Network and Security Administrators, Pentesters, Wi-Fi Security Researchers and Enthusiasts

Student Requirements

  • Wi-Fi basics
  • Should know how to configure Wi-Fi - access points and clients
  • Working knowledge of Linux

What Students Should Bring

  • Laptop with at least 4 GB RAM
  • 40GB of free space for courseware
  • 1 working USB port on your laptop
  • Admin / Root on the laptop so you can install soft

What Students Will Be Provided With

  • $100 worth of WiFi Hardware - multiple Wi-Fi cards, access points etc.
  • Free 1 Month PentesterAcademy.com access pass
  • Full course content slides, VM and exercise files
  • Over 10 hours of HD quality video lectures


Thomas d'Otreppe is a wireless security researcher and author of Aircrack-ng, the most popular and complete suite of tools for WiFi network security assessments. He also created OpenWIPS-ng, an open source Wireless Intrusion Prevention System. Thomas is a contributor to WiFi stack and toolset in Backtrack Linux, which has now become Kali Linux, the de facto top choice Linux distribution for penetration testing and vulnerability assessment across multiple technology domains. He is also known as an author of a pro-active wireless security course which has been delivered to large numbers of IT Security professionals worldwide. Thomas speaks and teaches in the Americas and Europe and is a well-known speaker at DefCon, BlackHat, DerbyCon, SharkFest, Mundo Hacker Day, BruCON and other venues.