1. Penetration Testing Tools
1.1. Metasploit
1.2. Security Auditor's Research Assistant (SARA)
2. Network Management & Control Tools
2.1. Wireless protocol analyzers
2.2. Aircrack-ng
2.3. Airshark
2.4. Network management systems
2.4.1. NMS application-open source
2.4.1.1. OpenNMS
2.4.1.2. Nagios
2.4.1.3. Zenoss
2.4.2. NMS application-commercial
2.4.2.1. WhatsUp Gold
2.4.2.2. SolarWinds
2.4.2.3. IBM Tivoli
3. WLAN Hardware Audit Tools
3.1. Pineapple
3.2. Pentesting & network auditing toolbox
3.3. Microcomputer that runs application scripts
3.3.1. Aircrack-ng suite
3.3.2. dsniff
3.3.3. Kismet
3.3.4. Karma
3.3.5. Nmap
3.3.6. tcpdump
4. WLAN Antennas
4.1. Omnidirectional antennas
4.2. Directional or semi-directional antennas
5. Attack Tools and Techniques
5.1. Radio frequency jamming
5.2. Denial of service
5.2.1. Aircrack-ng
5.2.2. Airdeauth-ng
5.3. Hijacking devices
5.3.1. deauth packets
5.4. Hijacking a session
6. Network Utilities
6.1. Ping
6.2. Traceroute/Tracert
6.3. Netstat
6.4. Ifconfig/IPconfig
6.5. InSSIDer
6.6. Hotspot Shield
7. Methodology
7.1. Quantitative assessment
7.2. Qualitative assessment
8. WLAN Discovery Tools
8.1. NetStumbler & InSSIDer
8.2. Kismet
8.3. HeatMapper
9. Password-Capture & Decryption Tools
9.1. Auditing & recovering passwords
9.1.1. Nessus
9.1.2. Aircrack-ng
9.1.3. Win Sniffer
9.2. Dictionary-style attacks
9.2.1. Each item in word list is encrypted
9.2.2. Dictionary password crackers
9.2.2.1. Aircrack-ng
9.2.2.2. Cain & Abel
9.2.2.3. John the Ripper
9.3. Brute-force attacks
9.3.1. Crack a password by comparing all possible combinations of characters
9.3.2. Five-character password has 1.934 billion possible combinations
9.3.3. Eight-character password has 722,200 billion combinations
10. Network Enumerators
10.1. Software that scans a network for active hosts, lists IP addresses in a subnet, and fingerprints each IP
10.1.1. Nessus
10.1.2. Nmap
10.2. Detect Windows shares
10.2.1. Legion from Rhino9
10.3. OS fingerprinting or port scanning
10.3.1. LanGuard
10.4. To protect against running software
10.4.1. Use wireless intrusion prevention system (WIPS)
11. Risk Assessment on WLANs
11.1. Access control
11.2. User authentication
11.3. Data encryption
11.4. Intrusion prevention
11.5. Antivirus & anti-malware software
11.6. Standards, guidelines & policies
11.7. Network-perimeter & Internet security
11.8. Transmission security
11.9. Application & Web Services
12. Security Risk Assessment Terms
12.1. Asset
12.2. Threat
12.3. Vulnerability
12.4. Risk
12.5. Asset x Threat x Vulnerability = Risk
13. Security Risk Assessment Stages
13.1. Planning
13.2. Information gathering
13.3. Risk analysis
13.3.1. Social threats
13.3.2. Technical threats
13.3.3. Environmental threats
13.4. Identifying & implementing controls
13.4.1. Technical
13.4.2. Administrative
13.4.3. Operational