Phoenix TS

Wireless Hacking Training

This training addresses security concerns and teaches students how to best defend wireless systems against attacks. 

BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!

Course Overview

Our 4-day, instructor-led Wireless Hacking training course is designed for IT professionals in the field of cyber security such as forensic investigators and malware analysts. It covers:

  • The basics of wireless security
  • Effective attack methods & remediation tactics
  • 802.11 wireless networks deployed within a home or enterprise setting
  • 802.11 wireless networks with a client focus
  • Hacking additional wireless technologies

Prerequisites: Before taking this course, you should have at least two years of networking experience. It is also recommends that you have either the CompTIA® Network+, Security+ or EC-Council® CEH Certification.


Currently, there are no public classes scheduled. Please contact a Phoenix TS Training Consultant to discuss hosting a private class at 301-258-8200.


Not seeing a good fit?

Let us know. Our team of instructional designers, curriculum developers, and subject matter experts can create a custom course for you.

Contact Us

Learn more about custom training

Course Outline

802.11 Hacking

  • Basics of 802.11
  • Hardware and Drivers

Operating Systems and Tools for 802.11 Networks

  • Choosing an OS based on Hardware and Applications
  • inSIDer and Vistumbler Windows Network Scanners
  • Sniffing and Injection Tools for Windows
  • KisMAC Mac OS X Discovery Tool
  • Kismet Linux Discovery Tool 
  • Mobile Discovery Tools and Online Mapping

Tools and Techniques for Bypassing 802.11 Wireless Networks

  • Basic Attack Types
  • Accessing Hidden or Nonbroadcasting Wireless Networks
  • Cracking WEP Keys
  • Cracking Hidden and WEP-Encrypted Networks
  • Recovering a Keystream
  • Deauth Attacks and Michael Countermeasures

Practical Attacks against WPA Networks

  • Breaking WPA with Pre-Shared Key (PSK) Authentication 
  • Breaking WPA Enterprise Authentication
  • Encryption Attacks against TKIP
  • Attacking Components

Compromising Wireless Clients

  • Application Level Attacks
  • Client Attacks with an Evil DNA Server
  • ARP Spoofing with Ettercap
  • Rogue Apps and Evil Servers with Karmetasploit
  • Direct Client Injection
  • Device Driver Vulnerabilities
  • WI-FI and Web Hacking

Exploiting a Mac OS X 802.11 Wireless Client

  • Preparing and Testing the Exploit
  • Preparing Tools for Installation
  • Initial Reconnaissance Preparation
  • Kismet, Aircrack-ng Preparation
  • Preparing and Executing the Package  
  • Delivering the Java Exploit  
  • Using the User-Level Code Execution to the Highest Extent

Exploiting a Windows Wireless Client

  • Overview of a Windows Client Attack
  • Establish the Attack Infrastructure
  • Exploiting a Hotspot Environment
  • Controlling the Client
  • Wireless Reconnaissance – Local and Remote
  • Target Wireless Network Attack

Bluetooth Scanning and Reconnaissance

  • Overview of Bluetooth Device Interaction
  • Attack Preparation
  • Reconnaissance Phase of a Bluetooth Attack
  • SDPtool for Enumerating Services

Bluetooth Eavesdropping Attacks

  • Using Commercial Bluetooth Sniffers
  • Open-Source Bluetooth Tools

Attacking and Exploiting Bluetooth

  • PIN Attacks
  • Practical PIN Cracking
  • Manipulating Bluetooth Identification Mechanisms
  • Vulnerabilities in Bluetooth Profiles
  • Future of Bluetooth

ZigBee Protocol  

  • Overview of ZigBee Technology
  • ZigBee Security Measures
  • ZigBee Attack and Exploitation
  • Start to Finish Attack against ZigBee Device Implementation 


  • Overview of DECT Devices and Technology
  • DECT Security Standards
  • DECT Attacks and deDECTed.org

Scoping and Information Gathering

  • Pre-Assessment Planning Process
  • Assessing Information and Estimating Effort

Wireless Hacking Training FAQs

Who should take this course?

This course is intended for CIO Officers, Forensics Investigators, and
Malware Analysts.

What is the recommended experience for this course?

Students should have at least two years of work experience in networking and hold CompTIA Network+, Security+ and EC-Council CEH certifications or hold equivalent experience and knowledge.

BONUS! Cyber Phoenix Subscription Included: All Phoenix TS students receive complimentary ninety (90) day access to the Cyber Phoenix learning platform, which hosts hundreds of expert asynchronous training courses in Cybersecurity, IT, Soft Skills, and Management and more!

Phoenix TS is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints re-garding registered sponsors may be submitted to the National Registry of CPE Sponsors through its web site: www.nasbaregistry.org

Subscribe now

Get new class alerts, promotions, and blog posts

Phoenix TS needs the contact information you provide to us to contact you about our products and services. You may unsubscribe from these communications at anytime. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

Download Course Brochure

Enter your information below to download this brochure!