1. Kismet
Kismet is an 802.11 layer2 wireless network
detector, sniffer, and intrusion detection system.
Kismet will work with any wireless card which
supports raw monitoring (rfmon) mode, and (with
appropriate hardware) can sniff 802.11b, 802.11a,
802.11g, and 802.11n traffic. Kismet also
supports plugins which allow sniffing other media
such as DECT. Kismet identifies networks by
passively collecting packets and detecting
standard named networks, detecting (and given
time, decloaking) hidden networks, and infering
the presence of nonbeaconing networks via data
traffic.
-Features :
1. 802.11b, 802.11g, 802.11a, 802.11n sniffing
2. Standard PCAP file logging (Wireshark,
Tcpdump, etc)
3. Client/Server modular architecture
4. Multi-card and channel hopping support
5. Runtime WEP decoding
6. Tun/Tap virtual network interface drivers for
realtime export of packets
7. Hidden SSID decloaking
8. Distributed remote sniffing with Kismet drones
9. XML logging for integration with other tools
10. Linux, OSX, Windows, and BSD support
(devices and drivers permitting)
2. NetStumbler
NetStumbler is a tool for Windows that facilitates
detection of Wireless LANs using the 802.11b,
802.11a and 802.11g WLAN standards. It runs on
Microsoft Windows operating systems from
Windows 2000 to Windows XP. A trimmed-down
version called MiniStumbler is available for the
handheld Windows CE operating system.
-Used for :
1. Wardriving
2. Verifying network configurations
3. Finding locations with poor coverage in a WLAN
4. Detecting causes of wireless interference
5. Detecting unauthorized ("rogue") access points
6. Aiming directional antennas for long-haul
WLAN links
3. WireShark
Wireshark is the world's foremost network
protocol analyser. It lets you see what's
happening on your network at a microscopic level.
It is the de facto standard across many industries
and educational institutions.
-Features :
1. Deep inspection of hundreds of protocols, with
more being added all the time
2. Live capture and offline analysis
3. Standard three-pane packet browser
4. Multi-platform: Runs on Windows, Linux, OS X,
Solaris, FreeBSD, NetBSD, and many others
5. Captured network data can be browsed via a
GUI, or via the TTY-mode TShark utility
4. AirSnort
AirSnort is a Linux and Microsoft Windows utility
(using GTK+) for decrypting WEP encryption on an
802.11b network. Distributed under the GNU
General Public License,[1] AirSnort is free
software. However, it is no longer maintained or
supported.
5. CoWPAtty
CoWPAtty automates the dictionary attack for
WPA-PSK. It runs on Linux. The program is
started using a command-line interface,
specifying a word-list that contains the
passphrase, a dump file that contains the four-
way EAPOL handshake, and the SSID of the
network.