Saturday, January 17, 2009

OSWA: Wireless Auditing LiveCD/LiveUSB


[Auditing of WiFi (802.11), Bluetooth and RFID]

source: http://oswa-assistant.securitystartshere.org/

Description

The OSWA-Assistant™ is a self-contained, freely downloadable, wireless-auditing toolkit for both IT-security professionals and End-users alike.

This toolkit is our contribution to the wireless security/auditing community and, as the "Assistant" moniker implies, and is designed for the following groups of people:
  • IT-security auditors and professionals who need to execute technical wireless security testing against wireless infrastructure and clients;
  • IT professionals who have responsibility for ensuring the secure operation and administration of their organization's wireless networks;
  • SME (Small & Medium Enterprise) and SOHO (SmallOffice-HomeOffice) businesses who do not have either the technical expertise or the resources to employ such expertise to audit their wireless networks;
  • Non-technical-users who run wireless networks at home and who would like to audit the security of their wireless home networks and laptops but don't know how.
Features

The OSWA™-Assistant is a no-Operating-System-required standalone toolkit which is solely focused on wireless auditing. As a result, in addition to the usual WiFi (802.11) auditing tools, it also covers Bluetooth and RFID auditing. Using the toolkit is as easy as popping it into your computer's CDROM and making your computer boot from it!

Technical professionals will easily be able to use the traditional menu-driven approach right off the bat as the arrangement of the menus is much more organized and logical than many other LiveCDs, as well as the presence of tools which don't just help with 802.11 (WiFi) auditing but also Bluetooth and RFID auditing as well.

Non-technical Home-owners and SOHO users are also catered to via the ActivityMap™ help system. Via a web interface, the ActivityMap™ helps non-technical or non-IT-security professionals to conduct basic security testing of their own wireless networks in a methodical and consistent manner. Using ThinkSECURE's 5E Methodology as a framework, the ActivityMap™ guides the user through the process of determining and proving if his/her network is secure or not.

By providing the ActivityMap, we hope to help end-users by providing them with a means to audit and prove if their networks are vulnerable and thus take the appropriate countermeasures to reduce their vulnerability exposure. By empowering the man-on-the-street to secure his/her own wireless network, our intention is that there will be less vulnerable networks around for evil-intentioned people to take advantage of, thus raising the overall national wireless security defence posture.

Tools

802.11 Tools

  • Aircrack-ng 1.0-beta2 suite
  • Airfart
  • Airsnort
  • Airsnarf
  • AP-Hopper
  • AP-Radar
  • AP-Utils
  • Asleap
  • ChopChop
  • CoWPAtty
  • HostAPD
  • Hotspotter
  • Karma
  • Kismet
  • Leapcracker
  • MDK3-v4
  • MoocherHunter
  • Probemapper
  • SSIDsniff
  • Wardrive
  • Wavemon
  • WEPlab
  • Wi-Find
  • Wi-Spy Tools
  • WifiTap
  • WifiZoo
  • WPA-attack (Attacker)
  • WPA Supplicant
  • Wireless Extensions & Wireless Tools package (iwconfig/iwpriv, etc)


Bluetooth Tools


  • Bluebugger
  • Bluediving
  • Blueprint
  • Bluescanner
  • Bluesnarfer
  • BT-Audit
  • Btfs
  • Btscanner
  • Carwhisperer
  • Ghettotooth
  • Obexpush-dos
  • HIDattack
  • Redfang
  • T-Bear
  • Ussp-push
  • Bluez Bluetooth package with hcitool/hciconfig


RFID Tools


  • Rfdump
  • Rfidtool

Current Version: 0.9.0.5e (August 8, 2008)
Download: http://securitystartshere.org/page-t...t-download.htm

No comments: