Rogue wifi AP detection with Snappy

Open wifi is quite common today. The danger is that a hacker may create a fake open wifi access point (AP) to capture user traffic. A tool called Snappy allows apparently to fingerprint wifi access points, so one can easily detect roge wifi access points.

• https://www.bleepingcomputer.com/news/security/snappy-a-tool-to-detect-rogue-wifi-access-points-on-open-networks/
• https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/snappy-detecting-rogue-and-fake-80211-wireless-access-points-through-fingerprinting-beacon-management-frames/
• https://github.com/SpiderLabs/snappy
• https://wiki.wireshark.org/CaptureSetup/WLAN
• https://book.hacktricks.xyz/generic-methodologies-and-resources/basic-forensic-methodology/pcap-inspection/wifi-pcap-analysis

Goal

The goal of this project is to create a wifi setup in the lab, capture wifi traffic, than test the Snappy tool

Expected outcome

• recorded pcaps
• 1 blog post
• 1 poster
• a project report documenting the setup and findings

Required skills

To start this project you should have some knowledge of networking, wifi and using a Linux system (command line).

Interested?

Contact us