This course is designed for Law Enforcement, Government, Networking and Security personnel who need to develop a set of Wireless penetration and compromise techniques utilizing Commercial Off-The-Shelf (COTS) systems for wireless networks and devices through study and Open-Source tools and equipment.

*Note: This class will require prolonged access and utilization of a functional Wireless laboratory environment and associated equipment.

Example: (per student)

  1. Raspberry Pi stand-alone power source
  2. Raspberry Pi wireless dongle
  3. Cat-5 cables (3 per student)
  4. Raspberry Pi 802.11 antennas for increased collection
  5. 128 GB Micro SD card for Raspberry Pi memory expansion
  6. WiFi Pineapple device and external power source

Also required will be a vehicle for mobile Wireless operations, with one cadre and two students in the vehicle for troubleshooting and placement, and two more students and one cadre in the classroom for remote access operation and tasking, as well as public Real-World testing as proof-of-concept.

Format: 10 days Classroom Instruction

Start/End Times: 0830-1630

Recommended Class Size: 5-10

Audience: Advanced

Recommended Course Prerequisites:

It is recommended that attendees of this course have significant experience and knowledge of wireless networking terms and Network Analysis. It is further recommended that they complete ‘WiFi LE – Wireless Network Analysis Using Wireshark (Law Enforcement)’. Attendees will be required to bring their own laptop. Information for downloading the required software will be provided at time of enrollment.

Course Description:

Law Enforcement and Government personnel are frequently encountering situations that require advanced Wireless (802.11, 802.15, 802.16, etc.) data penetration to facilitate data collection. This course will provide the student with a set of Wireless penetration and compromise techniques focusing on the use of vendor-neutral, Open-Source Tools to provide insight into the following areas:

  • Utilization of Raspberry Pis and WiFi Pineapples in conjunction with TP-Link Pocket Routers, RFIDs, Raspberry Pi external power source and Arduino cards to collect, analyze and prosecute Wireless targets
  • Utilization of encrypted VPNs in preparation for data sharing between multiple EW Operators
  • Utilization of basic Python / Bash Scripting to enhance Operator data manipulation capabilities
  • Threats to Wireless and Internet of Things (IoT) Systems
  • Specialized Analysis techniques including suspicious data traffic reconstruction and viewing techniques.
  • Real-World examples will be utilized throughout the course in conjunction with numerous hands-on exercises to provide field-proven, practical skills. Attendees will receive a student guide including numerous reference files and networking and forensics tools, as well as a library of reference documents.

Course Objectives:

Upon conclusion, students will be able to automate and remotely access Commercial Off-The-Shelf (COTS) Wireless systems utilizing ad hoc VPN networks, RFIDs and Arduino cards through the application of Raspberry Pi custom configurations.

Course Details:

I. Introduction to Wireless Environments

  • Logistics
  • Wireless Fundamentals
    • Competing Standards
  • RF Propagation and Interference
    • Identifying Interference Sources
      • Types of Interference & Spectrum Analyzer Analysis
  • Wireless Antennas
    • Antenna Theory, Types and Placement
    • Constructing Wireless Antennas
    • Wireless Channel Restrictions
  • Wireless Hardware and Terminology
    • Access Points
    • Switches / Routers
    • Selection Criteria
    • Wireless Architecture and Terminology
      • Basic Service Set (BSS)
      • Basic Service Set Identifier (BSSID)
      • Extended Basic Service Set (ESSID)
      • Device-to-Device (Adhoc) Communication
  • Power Measurements
    • Decibel Calculations – Calculating Gains and Losses
  • Wireless Technologies: SoHo and IoT
    • IEEE 802.15 Bluetooth
    • IEEE 802.16 WiMAX
    • Home RF
    • IEEE 802.15.4 ZigBee
    • Infrared
    • PBCC
    • 3G / 4G / 5G

II. Wireless Data Collection Fundamentals

  • Location – How Network Infrastructure Devices Affect Capture and Analysis
    • Switches, Bridges, Routers, Firewalls, CSU / DSU and SBC
    • Multimedia Data Collection – Tips & Techniques
    • Capture Configuration and Multiple Captures
    • Configurations – LAN vs. WiFi / WLAN IEEE 802.11
    • Real-time vs. Post Capture Analysis
    • Monitoring current traffic
  • Commercial Off-The-Shelf (COTS) Wireless systems
    • WiFi Pineapple
    • Raspberry Pi
    • Arduino
  • Identifying the Target
    • Utilizing traffic captures to focus on target identification and remote activation

III. Configuration Techniques

  • Encrypted VPNs
    • Theory and functionality
    • Configuration
  • WiFi Pineapple
    • Theory and functionality
    • Configuration
  • Raspberry Pi
    • Theory and functionality
    • Configuration
  • Arduino
    • Theory and functionality
    • Configuration
  • Basic Python / Bash Scripting

IV. Wireless Network Penetration, Compromise and Exploitation Technique

  • Wireless penetration and compromise technique
    • Overview of WiFi-based Security Vulnerabilities
    • Rogue Devices
    • Denial of Service (DoS / DDoS) Attacks
    • Live scans vs. passive OS fingerprinting
    • Attack / Exploit hardware tools
    • Attack / Exploit software tools
    • Man-in-the-Middle – Hardware vs. Software techniques
    • Report viewers and controlling software
    • Unattended devices
    • Other advanced means of compromise
  • Putting it all Together – Practical Exercises
    • Laboratory Work
      • Preparing Scripts and files
      • Configuring devices
      • Executing controlled tests
    • Real-World Testing and Evaluation
      • Preparing Scripts and files
      • Configuring devices
      • Real-World execution and evaluation