Backtrack 5 Wireless Penetration Testing Beginner's Guide [Paperback]

Vivek Ramachandran
4.0 out of 5 stars (1 customer review)
Price: CDN$ 55.86


Kindle Edition: CDN$ 16.49
Paperback: CDN$ 55.86

Book Description

Sept. 9 2011

Master bleeding edge wireless testing techniques with BackTrack 5.

  • Learn Wireless Penetration Testing with the most recent version of Backtrack
  • The first and only book that covers wireless testing with BackTrack
  • Concepts explained with step-by-step practical sessions and rich illustrations
  • Written by Vivek Ramachandran - world renowned security researcher and evangelist, and discoverer of the wireless "Caffe Latte Attack"

In Detail

Wireless has become ubiquitous in today's world. The mobility and flexibility it provides make our lives more comfortable and productive. But this comes at a cost: wireless technologies are inherently insecure and can be easily broken. BackTrack is a penetration testing and security auditing distribution that comes with a myriad of wireless networking tools used to simulate network attacks and detect security loopholes.

Backtrack 5 Wireless Penetration Testing Beginner's Guide will take you through the journey of becoming a Wireless hacker. You will learn various wireless testing methodologies taught using live examples, which you will implement throughout this book. The engaging practical sessions very gradually grow in complexity giving you enough time to ramp up before you get to advanced wireless attacks.

This book takes you from the basic concepts of wireless and the creation of a lab environment for your experiments, through lab sessions on wireless security basics, then slowly turns up the heat with more complicated scenarios, and finally ends your journey with bleeding edge wireless attacks conducted in your lab.

There are many interesting and new things that you will learn in this book - War Driving, WLAN packet sniffing, Network Scanning, Circumventing hidden SSIDs and MAC filters, bypassing Shared Authentication, Cracking WEP and WPA/WPA2 encryption, Access Point MAC spoofing, Rogue Devices, Evil Twins, Denial of Service attacks, Viral SSIDs, Honeypot and Hotspot attacks, Caffe Latte WEP Attack, Man-in-the-Middle attacks, Evading Wireless Intrusion Prevention systems and a bunch of other cutting edge wireless attacks.

If you were ever curious about what wireless security and hacking was all about, then this book will get you started by providing you with the knowledge and practical know-how to become a wireless hacker.

Hands-on practical guide with a step-by-step approach to help you get started immediately with Wireless Penetration Testing

What you will learn from this book

  • Create a Wireless Lab for conducting experiments
  • Monitor the air and sniff wireless packets
  • Bypass WLAN authentication mechanism
  • Crack WEP/WPA/WPA2 encryption mechanisms
  • Break into a WLAN network using infrastructure flaws
  • Break into a Wireless client such as a laptop
  • Advanced attacks such as Man-in-the-Middle attacks and Evading WIPS
  • Conduct a wireless penetration test in a methodical way


Written in Packt's Beginner's Guide format, you can easily grasp the concepts and understand the techniques to perform wireless attacks in your lab. Every new attack is described in the form of a lab exercise with rich illustrations of all the steps associated. You will practically implement various attacks as you go along.

Who this book is written for

If you are an IT security professional or a security consultant who wants to get started with wireless testing with Backtrack, or just plain inquisitive about wireless security and hacking, then this book is for you. The book assumes that you have familiarity with Backtrack and basic wireless concepts.

Customer Reviews

Most helpful customer reviews
1 of 1 people found the following review helpful
4.0 out of 5 stars subversive ! Oct. 23 2011
This book must surely have been written with a subversive gleam in Ramachandran's eye. It is the equivalent of the Anarchist's Handbook from the 1960s. Granted, the Preface has the statutory disclaimer about how the book is really meant for someone learning to be a penetration tester for a wireless network. Where you then have the expertise to help network administrators secure their networks. Or maybe you are a network administrator yourself. All this is indeed possible with the text.

So really the main aboveground audience is probably sysadmins. The book describes how to use freely available network programs like Wireshark to probe a wireless net. More potently, it gives examples of using Man In The Middle techniques to insert yourself as the invisible intermediary in a conversation between a user surfing the Internet and a targeted web server. Once you see this, you can be likely impressed by why MITM is often thought to be a gold standard of attack vectors.

Another strong aspect of the book is how it demonstrates that it is all too easy for an experienced attacker with the right hardware and software tools to detect and intrude on an insecure WEP or WPA network. Turns out that a WPA network is usually stronger than a mere WEP-using network. But don't get complacent. For both types, the lesson of the book is that the simplest countermeasure is to beef up your users' passwords and, of course, your sysadmin password. The speed of modern computers means that brute force dictionary attacks often suffice to find weak passwords.
Most Helpful Customer Reviews on (beta) 4.4 out of 5 stars  51 reviews
35 of 37 people found the following review helpful
5.0 out of 5 stars A Must-Have Tutorial on Backtrack 5 and Its Tools Sept. 26 2011
By Seth - Published on
An amazing book. This one wastes no time with a long pre-amble or justifying why you'd need to know how to pen-test; it just tells you what you need to know. You're sniffing wireless traffic right from the start, injecting packets by page 40 or so, and then you're off spoofing MAC addresses, cracking WPA (even shared authentication), and doing man-in-the-middle attacks.

This is not a book that explains a lot of theory and then expects you to figure out how to apply it. It's a finely-tuned set of clear, intentional tutorials that explains how to use the tools, how to get results, and then explains what happened and why. It covers some of the basics (like ifconfig, iwconfig, ping, and a little bit about packet specifications), and then moves on to the heavy-lifters like airmon, aireplay, airodump, wireshark, and others.

While all of these tools have tutorials and manuals online, the way they work together is seldomly explained, and even more rarely are they explained with the clarity and focus of this book. The situations the book covers are realistic wireless network setups that you'll find at businesses, cafes, and homes. There are screenshots on nearly every page, so it doesn't just explain what to do - it actually shows you.

If you're completely new to pen-testing, this book is where you should start. You should try to learn at least a little bit of Linux before delving into this (but you should be learning that anyway) but this book doesn't assume that you are a pro. It guides you through all of the basic essentials, such as setting up a pen-testing lab environment (configuring your access point, making sure your wireless card is open enough to be configured, and so on), and even how to install Backtrack Linux itself. You will need a good lab environment to use this book effectively, so make sure you have access to a router, two laptops with wireless cards (one to use and one to be the victim), and a usb wireless card to perform packet injection (the book recommends the Alfa AWUS036H).

All in all, whether you're learning this stuff because you're angry at the world and want to mess up wireless networks or because you're a sys admin and need to protect your network from intruders, this is easily the best book on the subject I have found. Too many books on this topic assume that the reader is a "security professional" and uses jargon and lingo without explaining anything. This book sits down with you, gives you the information you need, and you get the results that you wanted. Considering that courses from Backtrack's website start at around $750, this book feels like a hack in itself.
23 of 24 people found the following review helpful
5.0 out of 5 stars Best book to master Wi-Fi Kung Fu Oct. 31 2011
By Nagareshwar Talekar - Published on
Disclaimer: I have received this book from the publisher for special review. And author is good friend of mine. However the review remains genuine and unbiased.

This book is highly technical & written completely from practical perspective. To get the best out of this book you need to parallely follow it up with your own setup as shown in first chapter. And at the end of it, there will be one more Wi-Fi ninja in the air.

Here is the complete chapter by chapter review,

First chapter starts with the famous line from 'Abraham Lincoln' pressing on the importance of setting up the play ground,

"If I had eight hours to chop down a tree, I'd spend six hours sharpening my axe."

It lists both hardware/software requirements with 2 Wi-Fi enabled laptops, one injectable Wi-Fi card (Alfa AWUS036H) & an access point. Some more listing of alternative injectable Wi-Fi cards would have been better though. It is often difficult to get the right one especially for those who are outside USA/UK. In my initial days of wardriving, I remember waiting for entire year to get my first injectable USB dongle. And without the right card, you are on the back foot as you can't perform most of the attacks.

Remaining portion of first chapter shows how to install BackTrack, Setting up access point and wireless cards in detail with screenshots. Next one explains in brief about wireless frames and shows how to capture the Wi-Fi packets in the air and inject your own packets using Alfa card.

It goes more interesting with chapter 3 showing how to bypass various wireless security restrictions such as hidden SSIDs, defeating MAC filters, bypassing WEP authentication etc. Next it shows how to really crack those 128 bit WEP keys using aircrack-ng tool. Finally it describes how we can use these cracked WEP/WPA passphrase to decrypt wireless data packets and directly connect to WEP/WPA network.

Chapter 5 explains various Denial of Service (DoS) attacks including De-Authentication, Dis-Association, CTS-RTS attack & spectrum jamming. It also shows how one can perform 'Evil Twin' attack against legitimate Access point and how to setup rogue access point to gain backdoor entry into the network.

Often the weakest point lies at the client side, so the chapter 6 goes to describe all those attacks one can perform on wireless clients including Honeypot and Mis-Association attacks, Caffe Latte attack, De-Authentication and Dis-Association attacks, Hirte attack, AP-less WPA-Personal cracking etc. Next one shows how to perform wireless based Man-in-the-Middle (MITM) attacks and then use it for sniffing and hijacking of user sessions.

Chapter 8 focuses on WPA-enterprise based attacks such as exploiting the weakness in PEAP, EAP-TLS protocols. It ends with recommendation on secure wireless configuration using 'WPA2-PSK with a strong passphrase' for smaller/medium size organizations and 'WPA2-Enterprise with EAP-TLS' for larger organizations.

Final chapter touches very briefly on pen testing methodologies and then goes more into wireless pen testing using the attacks explained in previous chapters. It starts with step by step of discovery of wireless devices, finding unauthorized clients, rogue access points and then cracking the wireless encryption using the attacks demonstrated in previous chapters.

Highlights of the Book

* Very well written and enjoyable to read
* Practical and includes latest stuff from wireless field
* Every attack technique is very well shown with complete technical details and illustrative screenshots.
* Includes action items for reader to explore more and gain more expertise
* Pop Quiz at the end of each chapter ensures that you were not dozing off

After reading this book completely, one thing is sure that you would like to change its title from "Beginners guide" to "Not just Beginners guide". Even though it's his first book, I am amazed with his style of writing and 'connecting with reader' mentality making it easier to grasp and enjoyable to read on.

And here comes the final verdict,

"Written by wireless expert, this book goes beyond the words and highly recommended to anyone willing to master Wi-Fi Kung Fu."
23 of 28 people found the following review helpful
2.0 out of 5 stars Not What I Expected March 31 2012
By R. Gravell - Published on
Format:Paperback|Verified Purchase
I was very disappointed with the content of this book, and in some cases that was my fault for having incorrect expectations about the content, and other times it was the book's fault (blame can be spread to the author, proofreader, etc.). I had expected theory based coverage of many of the tools present in the Backtrack distribution, along with examples of what they exploit and how to implement them. What I got was coverage mostly of the aircrack suite (along with a few other tools supplementing it along the way) that was based largely upon copying the code that was on the page while changing a few variables. There is plenty of implementation of the attacks, but the space in the book could have been far better used.

As another reviewer pointed out, the pages regularly consist of 50-90% screenshots of commands being run and the resulting output. In general I think this is a good idea, as it lets the reader know exactly what the command should look like when it is typed in and what they should expect to see for output. This is taken to ridiculous extremes, such as when the author instructs to change the wireless protection on the AP, there are repeated screenshots of his setup. Maybe the first one had purpose, but showing it every time is just padding.

And for as little content I feel was covered in the book, there sure was a lot of padding, and I mean beyond the "make sure packets are being collected by running Wireshark" with an accompanying picture of a Wireshark capture (repeatedly). De-authentication attacks are used twice prior to being introduced as a means of a DoS attack, and yet instead of covering something new (such as the Dis-Association attack which is left to the reader to figure out on their own) the author decides to plow through and describe how to send de-authentication packets for a third time. Using aircrack to implement the Caffe-Latte and Hirte attacks are both covered separately, despite the fact that they differ by a single command line argument. It genuinely baffles me why the author chose to recover extremely similar attacks and in some cases the exact same material, while leaving others as assignments for the reader.

I am also a bit confused about the level of experience the reader is expected to have before entering. While the book clearly says it is for beginners and the vast majority of its material is presented at a good hand-holding pace for beginners (not an insult at all), there are other times when knowledge is assumed that I am not sure it is safe to be assumed. When I bought a book on Wireshark, it assumed the reader had knowledge of packet structure, yet still gave a very thorough chapter to covering the vital aspects in case the reader was not familiar. This book for beginners assumes a knowledge of how WLAN frames are organized, and gives a cursory 2 pages to explaining it for the uninitiated. In a section on creating network bridges, the ability to use WLAN's on both sides of the bridge is mentioned and left for the reader to implement themselves. However, I have found it to be very different from the method required by ethernet that is covered in the book, and a helpful weblink would have been great if the author did not see fit to actually cover the steps himself.

And there is my criticism with the book. It hammers home and repeats concepts which are mostly summed up as "type exactly what is on the page" and skips over the cryptographic and networking theory, as well as techniques that are constantly mentioned but never actually covered beyond leaving them as an exercise for the reader. I am not opposed to doing external research, but when I feel that I could have just done the research (mostly via and gained the same practical knowledge of how to implement the attacks as well as a more firm understanding of the theory behind them, I cannot say I am happy to have spent $50 on this book.

Again, not all of this falls on the author or the book, as some of it was that my expectations were not in line with what was presented. A lot of topics are covered, a handful of tools (notably aircrack and Wireshark) are given varying degrees of coverage. There are helpful links to get to other material, and the pacing is great for a beginner. But for $50 I expect a lot more content, and a lot less repetition and unnecessary pictures.
8 of 9 people found the following review helpful
5.0 out of 5 stars An Excellent Tutorial Dec 1 2011
By Philip A. Polstra - Published on
I am slated to teach an ethical hacking class this summer (with a trip to Defcon 20 at the end). I originally planned on using a CEH prep book for a text, but decided to go with a couple of real world hacking texts instead. I wanted to have a mix of vulnerability exploitation and wireless pen testing in the course. I immediately thought of looking at this new book by Vivek (@SecurityTube) for the wireless context. Vivek is the founder of SecurityTube and also the author of a 40+ part video series known as the Wireless Security Megaprimer. This megaprimer serves as a basis for the recently introduced SecurityTube Wireless Security Expert (SWSE) certification.

This book is published by Packt Publishing. I was sent an ebook version of the book. I must say that I really appreciate Packt's way of sending a nice non-DRM version of the book for my evaluation. What's to stop me from reselling the book or handing it down to my students (aside from CISSP mofo code of ethics)? At the bottom of every page there is a statement saying this book was created for my sole usage. As a professor, I really like this solution. So many other publishers refuse to send e-books because they are overly concerned about DRM, and don't realize that I can just as easily scan or copy a paper book to hand out if I'm ethically challenged.

So what's in this book anyway? Vivek starts the book with a chapter telling you how to set up an appropriate lab to do all of the things discussed in the book. His directions are straightforward. Vivek recommends an Alfa wireless adapter. I did all the labs in the book with a Hawking HWU8DD high-gain wireless-G dish adapter that I had available and everything seemed to work well. I'm sure that there are other adapters out there that would also work well for anyone using this book.

In the second chapter, Vivek provides a comprehensive overview of why wifi is inherently insecure. From here he goes on to discuss ways of bypassing authentication. In the fourth chapter, Vivek discusses encryption. The conversation goes well beyond what is wrong with WEP and includes ways to speed up WPA/WPA2 cracking as well.

In chapter 5, Vivek talks about attacking the infrastructure. Topics covered include default accounts and DoS attacks. From here the focus is shifted to attacking the client. Naturally, some attention is given to the Caffe Latte attack against WEP that Vivek discovered some years ago. For the record, I think this is one of the cooler attacks given the ability to attack a network that is potentially miles and miles away.

Chapters 7 & 8 deal with more advanced attacks such as man-in-the-middle and attacks against WPA-Enterprise. While not too many people (at least in the USA) seem to be using WPA-Enterprise, it certainly doesn't hurt to know how to attack it should the need arise.

The final chapter discusses wireless pen testing methodology. Concluding thoughts and answers to pop quizzes are found in the appendices.

What do I like about this book? This book is very approachable. Vivek doesn't assume you are starting this book as a wifi or even networking expert. Anyone with half a clue about how networking and wifi work could successfully learn from this book. The book emphasizes doing over theory. Activities to actually try and see for yourself are everywhere in the book. Instead of droning on and on about the theory of this and that and having some exercises at the end of the chapters, Vivek says do this and see what happens, now do that, then he discusses what has just been seen. I like his teaching style.

I'm sure someone out there will say "Why should I drop $50 on this book, when it essentially parallels the freely available megaprimer on SecurityTube?" My response to this is: first of all, shame on you. Stop being such a cheapskate. Vivek has obviously put a lot of work into developing an excellent tutorial and the man deserves a little compensation. Secondly, even if you have a problem giving up a few dollars for the book over just watching the video, sometimes you just want to have a book. It is a lot easier to check or refresh your knowledge on something using the book than it is to try and figure out which of the 40+ videos a topic was discussed in. Because the book essentially parallels the video, I would recommend you read the book and watch the videos, especially if you are going through the book on your own.

Now for the bad news. What didn't I like about this book? I thought about it for a while and nothing really comes to mind. I think this is an excellent book for anyone wanting to learn more about wireless security. When you consider that there are 12+ hours of video available to supplement the book (not that I feel this is necessary) $50 is a good deal for this book.
2 of 2 people found the following review helpful
5.0 out of 5 stars Amazing introductory resource! Feb. 22 2013
By Anonymous - Published on
Format:Paperback|Verified Purchase
This is the book that first introduced me to network security. Actually all I wanted to do was learn how to hack my router, and I learned that and so much more. This single book has made me decide to pursue a career in information security. The book itself is written elegantly in very easily understandable terms. It assumes no prior knowledge to the topics included and it is very beginner friendly (as the title suggests.) The author is absolutely brilliant and it is worth noting that this author is the "security tube wifi security expert" course instructor (which I just enrolled in not long ago.) I think I've read this book twice from cover to cover, and probably 10 times over using it for reference. You start the book with no assumed knowledge of linux, backtrack, or wireless pentesting at all, and end the book with the knowledge to conduct a full penetration test on a wireless network from beginning to end. Highly recommend to anyone who wants to learn more about wireless network security. If there was a 10 star option I would have selected that.