Skip to content

Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets.

License

Notifications You must be signed in to change notification settings

aes512/wireless-ids

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Wireless IDS [Intrusion Detection System]

Wireless IDS is an open source tool written in Python and work on Linux environment. This tool will sniff your surrounding air traffic for suspicious activities such as WEP/WPA/WPS attacking packets. It do the following

  • Detect mass deauthentication sent to client / access point which unreasonable amount indicate possible WPA attack for handshakes.
  • Continual sending data to access point using broadcast MAC address which indicate a possibility of WEP attacks
  • Unreasonable amount of communication between wireless client and access point using EAP authentication which indicate the possibility of WPS bruteforce attack by Reaver / WPSCrack
  • Detection of changes in connection to anther access point which may have the possibility of connection to Rogue AP (User needs to assess the situation whether similar AP name)
  • Detects possible Rogue Access Point responding to probe by wireless devices in the surrounding.

Newly Added !!!!

  • Display similar Access Point's name (SSID) which could have the possibility of WiFi 'Evil Twins'.
  • Display of probing SSID by wireless devices
  • Detection of Korek Chopchop packets sent by Aircrack-NG (WEP attacks)
  • Detection of Fragmentation PRGA packets sent by Aircrack-NG (WEP attacks)
  • Detection of possible WPA Downgrade attack by MDK3
  • Detection of possible Michael Shutdown exploitation (TKIP) by MDK3
  • Detection of Beacon flooding by MDK3
  • Detection of possible Authentication DoS by MDK3
  • Detection of possible association flooding
  • Detection of WPA Migration Attack by Aircrack-NG (WPA Attack)
  • Allow logging of events to file.
  • Allow disabling of displaying of probing devices
  • Setting of scanning count..

Visit and Like my Facebook Page for other updated information and tools.

Read Wiki for installation and other details (https://github.com/SYWorks/wireless-ids/wiki)

Submit issue here

About

Ability to detect suspicious activity such as (WEP/WPA/WPS) attack by sniffing the air for wireless packets.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published