SniffAir – An Open-Source Framework for Wireless Security Assessments

Presented at Hackfest 2017 by

SniffAir is an open-source wireless security framework. Its primary purpose is to provide penetration testers, systems administrators, or others interested in wireless security a way to collect, manage, and analyze wireless traffic. SniffAir was born out of the hassle of managing large or multiple pcap files, manually reviewing the information, and subsequently formulating an attack. SniffAir allows testers to thoroughly cross-examine and analyze traffic while looking for potential security flaws or malicious traffic. Testers can also employ SniffAir to carry out attacks based on this information. We created SniffAir to collect all broadcast traffic and sort it by Client or Access Point. Testers can create custom rules to help define the scope, and SniffAir can be instructed to parse collected information based on those rules. SniffAir then uses the rules to move the in-scope data to a new set of tables, allowing the framework to compare filtered data against the original table for anomalies. If applicable, the tester can then load the desired information into SniffAir’s wireless attack modules, allowing them to carry out various sophisticated wireless attacks directly through the framework. By making this project open-source, our hope is to stir the community’s interest in wireless security, whether by contributing to the framework directly or by discovering new methods to assess or attack wireless networks, which can then be incorporated into the framework.