Both are good, if not great sources of knowledge that make them a valued resource, however, there is still room for WiFu - more on this later. Before doing the course, I had already dabbled with However, I still learnt more than a thing or two by the time I had completed the course. Yes, I was able to learn, and teach myself for free. As always, with an Offsec course, all the information that you need is in one place. PDF — pages , and videos.
|Published (Last):||28 March 2004|
|PDF File Size:||16.38 Mb|
|ePub File Size:||20.16 Mb|
|Price:||Free* [*Free Regsitration Required]|
Before starting this course I have been heavily involved in the world of radio frequencies and wireless security testing from a purely hobbyist point of view. This previous knowledge might have helped with the course. However, I wanted to validate my knowledge through one of the most trusted certification providers in the industry.
As well, more and more devices are introduced with wireless capabilities, and wireless knowledge will soon become an industry standard for penetration testers, and system administrators. It was time to pull the trigger and dive into the world of wireless penetration testing.
The material of the WiFu course is publicly available and can be referenced here. The course begins by performing dive into the standards and protocols for the Followed by the how a wireless network operates, and the different types of WiFi. After the brief introduction the Offensive Security course moves into an exhausting description of how wireless packets are built and transmitted.
This knowledge is great for background knowledge showing the very intricacies of how wireless works, however I found this section to be painful to work through. However, working through these many pages really helps the student understand how the Aircrack Suite works on a lower level instead of simply describing what a command is doing.
Offensive Security as well references some hardware that is a prerequisite to help setup the lab network in order to attack locally. Albeit, there are no instructions contained in the PDF on configuration of the hardware that is suggested.
This can be problem causing as you move into the practical lab section as certain attacks were unable to be performed even with the troubleshooting sections that are provided in the PDF. There were certain sections where I have still yet to successfully perform on the suggested hardware which could be due to updates in firmware or changes in the rolling Kali release.
Additionally, I should mention here that when purchasing the course the student is provided with a version of BackTrack r5 to practice with. However, I wanted to utilize my wireless card I had purchased in for the lab. The version of BackTrack is obviously deprecated and will therefore no longer get updates or be able to install packages to support the Alfa AC that I had purchased.
With these problems considered I decided to just run a bleeding edge release from the rolling Kali This might have caused some of the issues mentioned previously. If you have suffered through all of the background knowledge and deep dives into packet building you will be rewarded with learning the practical side of wireless penetration testing processes.
To begin with Offensive Security begins by talking about administration of the wireless card and using the Aircrack Suite to get the cards into a "monitor" mode. As mentioned earlier in the post I just had to make this process more difficult on myself by using an unapproved wireless card, in which I had to learn how to place the card into monitor mode in a more manual mode using the iwconfig command.
Surely the reason for not covering a common encryption method is due to the complex nature of setting up a wireless access point with some sort of centralized authentication behind it. This could be a future selling point by providing a small lab for the WiFu course with additional topics covered. After covering the two encryption methods WEP and WPA the course also provides a brief description of wireless reconnaissance section which demonstrates connections between access point and client devices.
Whereas, this section is not necessarily critical it really seems like a fun way to demonstrate some of the more flashy skills that might help with building reports or just enjoying the world of wireless testing. The testing section has an exam guide just like the OSCP exam. The exam guide provides the general guideline on the pitfalls that might cause a student not to pass the exam.
All of the information is clearly explained and provides a great checklist for making sure the directions were followed appropriately. The maximum time allotted for the test is 4 hours with 24 hours to write the report, however I was able to wrap up the exploits in under 50 minutes. Then spent the next 2 hours preparing the documentation and submitted under the initial 4 hour mark. My final opinion on the OSWP. Overall this is a great course for a beginner wanting to break into the world of wireless testing and reconnaissance.
The course does not feel updated though. However, these new methods that are still being developed and reported should be added to the course. I would absolutely pay an additional fee to get an updated version of the PDF and to retake the test with more current attack methods.
Offensive Security Wireless Professional (WiFu) - Review
All rights reserved. The Exploit Database is a non-profit project that is provided as a public service by Offensive Security. The Exploit Database is a CVE compliant archive of public exploits and corresponding vulnerable software, developed for use by penetration testers and vulnerability researchers. Our aim is to serve the most comprehensive collection of exploits gathered through direct submissions, mailing lists, as well as other public sources, and present them in a freely-available and easy-to-navigate database. The Exploit Database is a repository for exploits and proof-of-concepts rather than advisories, making it a valuable resource for those who need actionable data right away.
Offensive Security Wireless Attacks (WiFu) + Offensive Security Wireless (OSWP)
Download Kali Linux Virtual Images