Wireless Penetration Testing

Solid Rock Innovations utilizes a detailed and repeatable methodology. We ensure this process is used during each engagement to ensure our assessment is reliable and reproducible. To get these results, we utilize the following steps listed below:

1. Scope

The scoping phase includes establishing the rules of engagement, communicating about access points in scope, the overall timeline of the assessment, and whether or not the test will be performed from a white, gray, or black box approach.

2. Discovery

Enumerate and footprint target environments in order to identify and verify access points. During this phase, we will determine encryption types utilized across the wireless environment. Key targets will be selected for exploitation during the attack phase. If unencrypted networks are discovered, clear-text transmissions will be captured and reassembled to identify any user credentials and other sensitive information.


3. Attack

The attack phase is where exploitation of any vulnerability and/or misconfigurations occur. During this phase, we may initiate several attacks depending on the wireless environment. Attacks can include man-in-the-middle, exploitation of rogue access points, brute forcing, session hijacking, and more. We will attempt to exploit vulnerabilities by utilizing a blend of custom, open source, and commercial software tools. Throughout the attack phase, we will employ an approach wherein we exploit a vulnerable host with the explicit intention of accessing sensitive information, establishing a persistent presence on the system, and exploiting the trusts of related systems..


4. Reporting

Reporting is the final phase of the assessment. All of the information gathered is combined and used to provide the client with a comprehensive detailing of the findings. The report contains a breakdown of the overall risk, highlighting strengths and weaknesses with the wireless network. Recommendations are included to help the business to make informed decisions regarding the mobile application. Each vulnerability is further broken down into technical details, along with remediation steps for the technical team to follow. An executive summary is also included to help provide information for strategic planning.

5. Remediation Testing (Optional)

Upon the request of the client, a retest can be performed after the client has addressed vulnerabilities identified in the assessment. We validate to see if the vulnerability still exists to ensure the changes were implemented properly. The prior assessment will be updated to reflect the results of the retest.