Overview: Wireless Penetration Testing
WiFi Security Is Possible
Raxis Penetration testers have strong experience in securing wireless networks as the technology changes over time. The Raxis team uses this expertise to examine your wireless infrastructure, not only for weaknesses within your systems, but also for rogue networks and attacks that may be occurring without your knowledge.
We Know All of the Tricks
Our wireless testing will help you understand the potential security risks that your systems may be exposed to. If it's more convenient, Raxis can perform the testing remotely using the Raxis Transporter solution, or we may travel to your location. Raxis testers examine the WiFi technology in place throughout your site(s) and attempt to gain further access through gathering and cracking Pre-Shared Keys (PSK) and/or the creating rogue access points as well as the exploitation of insecure technologies such as WEP and WPA/WPA2. Raxis testers will map out your network and inform you of rogue access points that are already in place. Raxis will also test your guest wireless network for segmentation to ensure that your internal network is protected.
Raxis WiFI Penetration Testing Features
- Discovery and mapping of 802.11b/g/n/ac wireless networks on 2.4GHz or 5GHz bands, including possible rogue networks
- Exploiting of non-secure wireless technologies such as WEP and WPA
- Cracking of WPA and WPA2 Pre-Shared Keys, if obtained during testing, to be leveraged for additional access
- Creating rogue access points
- Testing guest wireless networks to ensure they do not allow access to internal environments
- Examining of passwords for common weaknesses, if passwords are obtained during testing
Download our Penetration Testing Service Brief (PDF) for more information.
Transporter Remote Access
Raxis Transporter provides an easy to deploy "virtual wire" network connection to our manual penetration testers, vulnerability assessors, and R3 incident response team.
On-Site Penetration Testing
Sometimes it's necessary to be on-site to get access to internal networks or examine a breach first hand. No problem, our consultants will fly to you.
FAQ: Wireless Penetration Testing
How does Raxis perform a wireless penetration test?
Wireless Penetration testing can be performed remotely using our Transporter solution, or we will travel to your location. Raxis uses several techniques to breach your wireless network, including impersonating your SSID, capturing handshakes from the air, and brute-force attacking the password. Once we're in, we will attempt to capture actual data from your systems as a proof of concept. Of course, remediation steps will be provided in the report to ensure that any gaps are closed.
Do you test guest wireless networks as well?
Yes, if that is what you're looking for on the wireless penetration test. Guest networks can sometimes be utilized to jump to the private internal network either through a misconfigured workstation or router. We'll also provide recommendations to improve security between guests to help reduce the risk of guests attacking their peers.
What does a wireless penetration test cost?
Raxis charges by the number of locations and size of the wireless network. Costs range from as little as $6,000 to over $25,000 for a large enterprise mobile application. We will work with you to get the right scope to meet your budget. Unless you select the Transporter option for remote work, keep in mind travel costs may also be billed during wireless testing depending on the type of service chosen.
How long does it take to perform a pen test against my wireless network?
While it depends largely on the number of SSIDs, access points, and size of the wireless environment, most Raxis penetration tests are performed within 5 business days.
Does this wireless pentest meet PCI, HIPAA, Meaningful Use, or GLBA requirements?
Yes. Raxis penetration testing and reports exceed NIST 800-115 standards required by most regulatory agencies. If a clean penetration test report is needed to meet requirements, we can work with you to re-test any findings and validate that the proper configuration changes or upgrades were made.
How often should I get a wireless pentest?
Many regulatory agencies require a penetration test each year, or after any changes are made to the software code or configuration. With self-built web applications, it is highly recommended to perform a penetration test at every release to ensure any new code does not introduce a new security risk.
A Smarter Way to Stay Secure
Learn how hacking can help find and fix security gaps you never knew about.