For IT managers and network administrators in enterprises, the best way to enhance WiFi security is to use the most popular and effective tools from the hacker community to test your own wireless network. By doing this, you can identify security vulnerabilities and then specifically reinforce them.
A few years ago, we introduced 15 free (or nearly free) WiFi network penetration testing tools. As we enter 2016, we have updated this list based on the latest security intelligence, and we recommend the following 20 free tools:
Aircrack is currently the most popular WiFi password-cracking tool. There are many tools on the market that can crack WiFi encryption, generally exploiting WEP vulnerabilities or using brute force dictionary attacks to crack WPA/WPA2 PSK passwords. WPA2 AES/CCMP encryption remains a relatively secure choice. If you choose WPA2 PSK mode, your password should ideally be a 13-character or longer mix of characters. Before your Wi-Fi network is compromised or accessed without authorization, it is best to attack it yourself using a cracking tool like Aircrack. Aircrack is an open-source WEP/WPA/WPA2 PSK cracking tool that can run on Windows, Mac OS X, Linux, and OpenBSD. You can download either a VMware image file or a Live CD file.
Download link: http://www.aircrack-ng.org/
AirSnort is another popular WLAN password-cracking tool that can crack WEP keys.
Download link: http://sourceforge.net/projects/airsnort/
Kismet is an open-source WiFi scanner, packet sniffer, and intrusion detection system, which can run on Windows, Mac OSX, Linux, and BSD. Kismet can display detailed information of APs, including hidden SSIDs, capture raw wireless data packets, and import data into analysis tools like Wireshark and TCPdump. In a Windows environment, limited by driver support, Kismet can only work with CACE AirPcap wireless adapters. However, on Mac OSX and Linux, Kismet is compatible with many wireless cards.
Download Kismet: http://www.kismetwireless.net/download.shtml
Cain and Abel are password recovery, cracking, and sniffing tools on Windows that can be used to demonstrate how to sniff plaintext passwords from a network.
Download link: http://www.oxid.it/cain.html
WireShark is a very popular network protocol analysis tool, and information on the new features of the latest Wireshark 2.0 version is available here.
Download Wireshark: https://www.wireshark.org/
Fern is an excellent network vulnerability scanning and WLAN cracking tool that can crack and obtain WEP/WPA/WPS keys. The development of Fren has never stopped, and the professional version offers more powerful features.
Download link: http://www.fern-pro.com/downloads.php
CoWPAtty is also a wireless password-cracking tool, and the new version comes preloaded with a dictionary file of 170,000 entries, including thousands of popular SSIDs, greatly increasing cracking speed, similar to various WiFi key applications available domestically.
Download link: http://sourceforge.net/projects/cowpatty/
Airjack is an 802.11 packet injection tool, previously used to initiate DOS or man-in-the-middle attacks.
Download link: http://sourceforge.net/projects/airjack/
As the name suggests, WepAttack is also an 802.11 WEP key cracking tool and an open-source Linux tool.
Download link: http://wepattack.sourceforge.net/
NetStumbler is a wireless password-cracking tool that runs on the Windows platform. The tool hasnât been updated for a long time, is incompatible with 64-bit Windows versions, and can be detected by most wireless intrusion detection tools, making it suitable for practice at home.
Download link: http://www.stumbler.net/
inSSIDer is the most popular WiFi scanning tool on Windows and Mac platforms, and it once won the best open-source network software title, but it has now turned into a paid version ($19.99).
Download link: http://www.inssider.com/
The open-source wireless security tool Wifiphisher can automate phishing attacks on WPA-encrypted AP wireless hotspots to obtain passwords. By utilizing social engineering principles to execute a man-in-the-middle attack, Wifiphisher does not require brute force cracking during an attack.
WiFiphiser is open-source software based on the MIT license and runs on Kali Linux.
Download link: https://github.com/sophron/wifiphisher
A tool similar to Kismet for the Mac platform.
Download link: http://kismac-ng.org/
If you are using a wireless router, you need to be aware of a security vulnerability discovered last year: the PIN code provided by many router manufacturers for WPS (one-touch authentication mode, which facilitates router device connection authentication) can be cracked within hours. Reaver is such a tool; it is a Linux program that can brute force crack the WPS PIN code and WPA/WPA2 PSK password of a wireless router in 4-10 hours. Reaver also offers a user-friendly dedicated hardware solution: Reaver Pro, with a graphical web interface.
Download link: https://code.google.com/p/reaver-wps/downloads/list
Wifite is a great wireless password-cracking tool that supports Reaver to crack WPS keys and runs on the Linux platform.
Download link: https://github.com/derv82/wifite
WepDecrypt is a wireless password dictionary attack tool suitable for beginners, written in C language, but it hasnât been updated for a long time.
Download link: http://wepdecrypt.sourceforge.net/wepdecrypt-manual.html
OmniPeek is a network packet sniffing and analysis tool exclusive to the Windows platform. It requires users to have a deeper understanding of network protocols and packets.
Download link: http://www.wildpackets.com/products/distributed_network_analysis/omnipeek_network_analyzer
As the name suggests, CloudCracker is a cloud-based WiFi password-cracking tool.
Download link: https://www.cloudcracker.com/
CommonView is a popular network monitoring and packet analysis tool, its main feature is having a GUI graphical interface.
Download link: http://www.tamos.com/products/commwifi/
Pyrit is also an excellent WiFi password brute force cracking tool (WPA/WPA2-PSK). It runs on FreeBSD, MacOS, and Linux platforms.