• aircrack−2.2−beta1

• aircrack−ng−0.6.2

aircrack is an 802.11 WEP cracking program that can recover a 40-bit or 104-bit WEP key once enough

encrypted packets have been gathered. It implements the standard FMS attack along with some optimizations,

thus making the attack much faster compared to other WEP cracking tools.

• irpwn−1.3

• airsnarf−0.2

The new tool, called Airsnarf, broadcasts a powerful signal that disconnects any nearby hot spot users

from the Internet. Then it broadcasts a sign-in page that looks like the log-in site of the legitimate Wi-Fi provider

When users, figuring they were knocked off the Internet momentarily, log in again, their user name and password go to the hackers

• asleap−1.4

sleap is a tool to recover weak LEAP and PPTP passwords. asleap is the

product of the research of weaknesses in Cisco's proprietary LEAP protocol

• wifitap

Wifitap is a proof of concept for communication over WLAN networks using traffic injection.

Wifitap allows direct communication with an associated station to a given access point directly, whilst

not being being associated ourselves or being handled by access point.

• hotspotter−0.4

Hotspotter passively monitors the network for probe request frames to identify the preferred

networks of Windows XP clients, and will compare it to a supplied list of common hotspot network

names. If the probed network name matches a common hotspot name, Hotspotter will act as an

access point to allow the client to authenticate and associate. Once associated, Hotspotter can be

configured to run a command, possibly a script to kick off a DHCP daemon and other scanning against the new victim.

• fakeap−0.3.2

Fake AP generates thousands of counterfeit 802.11b access points. Hide in plain sight amongst Fake AP's

cacophony of beacon frames. As part of a honeypot or as an instrument of your site security plan, Fake AP

confuses Wardrivers, NetStumblers, Script Kiddies, and other undesirables.

• cowpatty−2.0

oWPAtty is designed to audit the pre-shared key (PSK) selection for WPA networks based on the TKIP protocol. A while back, Robert Moskowitz published a paper titled "Weakness in Passphrase Choice in WPA Interface" that described a dictionary attack against wireless networks using the TKIP protocol with a pre-shared key (PSK). Supply a libpcap file that includes the TKIP four-way handshake, a dictionary file of passphrases to guess with and the SSID for the network

• wep_crack

The wep_crack tool exploits the weaknesses in the Neesus Datacom WEP key selection algorithm, allowing an attacker to brute-force all combinations of a 40-bit key in a few seconds.

• wep_decrypt

Wepcrack is a collection of Perl scripts that includes WEPcrack.pl, WeakIVGen.pl, prism-getIV.pl, and prism-decode.pl. Prism-getIV.pl takes a pcap-format file as an input (e.g., perl prism-getIV.pl ) and collects packets with initialization vectors that match the pattern known to weaken WEP keys. It also dumps the first byte of the encrypted output and places it and the weak IVs in a log file called IVFile.log. IVFile.logWEPcrack.pl. Real-time WEP cracking a la AirSnort using Wepcrack is straightforward is used as an input to crack WEP with