The US-based Cyxtera, provider of cybersecurity and analytics solutions, has built the first automated, WiFi-specific vulnerability assessment and penetration testing tool SILICA
The tool exposes what devices behind a vulnerable access point can be compromised. It can analyse 256 hosts simultaneously, detect a compromised host and break through weak network security protocols in 10 minutes on average.
“Most mobile devices are always on, constantly streaming information and scanning for networks. This happens in the background, without your intervention. Devices are so smart they can find networks you’ve been to before and connect you automatically,” said Cyxtera.
As an offence-oriented tool, security analysts can use SILICA to:
– Passively hijack web app sessions for email, social networking and intranet site
– Map a wireless network and identify its relationships with associated clients (devices) and other access points
– Identify vendors, hidden SSIDs and equipment
– Perform man-in-the-middle attacks to find valuable information
– Hijack wireless client connections by impersonating an access point
– Passively inject custom content into the client’s web sessions
– Take full control of wireless clients
– Decrypt and easily view all WEP and WPA traffic
