"Do you need to come on-site for wireless testing?"

"No not necessarily, Project Black maintains [remote testing probes](https://projectblack.io/blog/australia-wide-internal-network-penetration-testing/) that can be deployed on-site during an assessment. For multi-site environments, we can arrange visits or deploy probes at each location."

"What types of wireless attacks do you test for?"

"Our wireless assessments cover WPA2 and WPA3 weaknesses, PMKID and EAPOL handshake capture, evil twin and rogue access point attacks, client isolation bypass, RADIUS configuration weaknesses, and network segmentation validation between wireless and wired networks."

"Do you test both staff and guest wireless networks?"

"Yes. Both networks are assessed, and a key part of wireless testing is validating that guest network access cannot be leveraged to reach internal systems or other guest devices. We specifically test the segmentation boundary between them."

"Can you test wireless networks at multiple office locations?"

"Yes. We can conduct on-site visits or deploy wireless probes to multiple locations. Scope and pricing for multi-site assessments are discussed and agreed during the scoping phase."

"What is an evil twin attack?"

"An evil twin is a rogue access point configured with the same SSID as a legitimate corporate network. Devices previously connected to the real network can automatically connect to the attacker-controlled access point, enabling credential capture and man-in-the-middle attacks. We test whether your environment is susceptible to this."

"What credentials or access do you need from us?"

"For most wireless assessments we begin with no credentials, simulating an attacker in physical proximity. Generally for guest networks if we aren't able to obtain access we will request credentials so that we can validate segmentation works correctly."

Penetration Testing

Wireless Network Penetration Testing

Secure your wireless infrastructure against attackers who could be sitting in your parking lot. Our wireless network testing identifies vulnerabilities in your WiFi networks that could allow unauthorised access to your internal systems.

Secure Your WiFi

What is Wireless Network Penetration Testing?

Wireless Penetration Testing evaluates the security of Wi-Fi networks by identifying vulnerabilities in encryption protocols, access controls, and network segmentation. Testing includes attacks such as rogue access points, client disassociation, and credential capture to assess the risk of unauthorised access or data interception.

Our Engagement Process

T-14 days

Scoping

Our scoping process begins with identifying all wireless networks in scope, including staff and guest networks. We work with you to understand your wireless infrastructure and define the physical boundaries of testing.

This phase ensures we have a comprehensive view of your wireless footprint while respecting any testing limitations.

T-7 days

Remote Testing Probe Setup

Our wireless testing probes allow us to conduct wireless network assessments remotely without requiring constant on-site presence. Once deployed, these probes automatically connect back to our testing infrastructure and provide continuous monitoring capabilities.

Start of Testing

Testing begins with our team conducting both passive and active wireless assessments. We use specialised wireless testing hardware to identify potential security weaknesses.

Any critical vulnerabilities discovered during testing are reported immediately to allow for swift remediation.

T+14 Days

Report Delivery and Debrief

Upon completion of testing, we deliver a comprehensive report detailing all discovered vulnerabilities, their potential impact, and specific recommendations for remediation.

Our debrief session walks through the findings in detail, ensuring your team understands the risks and has a clear roadmap for implementing security improvements.

Why Wireless Network Testing?

Protect Against Physical Proximity Attacks

Identify vulnerabilities that could allow attackers within physical range to gain unauthorised access to your wireless networks and internal systems.

Secure Guest Access

Ensure your guest wireless networks are properly segmented and that public access restrictions and terms of service cannot be bypassed.

Validate Network Segmentation

Verify that your wireless networks are properly segmented and that compromising one network doesn't grant access to your entire infrastructure.

Meet Compliance Requirements

Many regulatory frameworks require regular wireless security assessments. Our testing helps you maintain compliance while improving your security posture.

Our Wireless Testing Methodology

Our wireless network testing methodology is designed to identify vulnerabilities in both internal and public wireless networks, ensuring comprehensive coverage of your wireless infrastructure.

Internal Staff Networks

For wireless SSIDs restricted for internal staff members, Project Black will evaluate misconfigurations which could allow an attacker with physical proximity to gain access to the network.

Authentication bypass attempts
Encryption protocol weaknesses
Password policy compliance
WPA/WPA2/WPA3 configuration review
Evil twin attack scenarios
Client-side vulnerabilities

Public Access Networks

For wireless SSIDs intended to be open to the public, Project Black will evaluate:

The ability for members of the public to enumerate and reach assets on the internal network
If there are terms of use that require acceptance or internet access restrictions, Project Black will test for ways to bypass these restrictions
Network segmentation effectiveness
Access control mechanisms
Captive portal security

Our testing methodology is regularly updated to address emerging wireless security threats and attack vectors.

Frequently Asked Questions

Do you need to come on-site for wireless testing?
No not necessarily, Project Black maintains remote testing probes that can be deployed on-site during an assessment. For multi-site environments, we can arrange visits or deploy probes at each location.
What types of wireless attacks do you test for?
Our wireless assessments cover WPA2 and WPA3 weaknesses, PMKID and EAPOL handshake capture, evil twin and rogue access point attacks, client isolation bypass, RADIUS configuration weaknesses, and network segmentation validation between wireless and wired networks.
Do you test both staff and guest wireless networks?
Yes. Both networks are assessed, and a key part of wireless testing is validating that guest network access cannot be leveraged to reach internal systems or other guest devices. We specifically test the segmentation boundary between them.
Can you test wireless networks at multiple office locations?
Yes. We can conduct on-site visits or deploy wireless probes to multiple locations. Scope and pricing for multi-site assessments are discussed and agreed during the scoping phase.
What is an evil twin attack?
An evil twin is a rogue access point configured with the same SSID as a legitimate corporate network. Devices previously connected to the real network can automatically connect to the attacker-controlled access point, enabling credential capture and man-in-the-middle attacks. We test whether your environment is susceptible to this.
What credentials or access do you need from us?
For most wireless assessments we begin with no credentials, simulating an attacker in physical proximity. Generally for guest networks if we aren’t able to obtain access we will request credentials so that we can validate segmentation works correctly.

Ready for a Pentest Quote?

Simply fill out and submit the form, and we'll provide you with a quote within hours - unless you fill it in at 3am!

Contact Us:

Phone: 1300 820 390
Email: [email protected]
LinkedIn: /project-black-security-services
Sydney: Level 17, 123 Pitt Street, Sydney NSW 2000, Australia
Melbourne: Level 23, 727 Collins Street, Melbourne VIC 3008, Australia
Privacy Policy

Privacy Policy (November 2023)
This policy outlines how we collect, use, and safeguard your personal information.
Information We Collect & How We Use It
Contact Form: When you use our contact form, we collect your name, email, and phone number. This is used to respond to your inquiries
Microsoft Clarity, Google & Bing Analytics: We use Microsoft Clarity together with Google & Bing Analytics to collect data such as your page views, and visitor behavior on our site. This helps us understand how our website is used to help us improve our site.
We do not share your personal data with any third parties, except as necessary for Microsoft Clarity, Google & Bing Analytics analysis, see their privacy policies for more information.
Data Security
Contact form information is sent via formspree.io as this is a 100% static site to a shared mailbox in Office 365. Access to this mailbox is restricted to specific individuals within our company to ensure the security of your information.
formspree.io helps us archive a copy of the form submission where it is retained for 30 days. If you prefer to contact us directly, you can email us at [email protected] for the same purpose.
Your Rights
You have the right to access, amend, or request the deletion of your personal data. If you have any privacy-related concerns, questions, or requests regarding your personal information, please contact us at [email protected].
Changes to Privacy Policy
Our privacy policy may be updated periodically. Any changes will be posted here and communicated to individuals who have previously submitted forms.
Jurisdiction
This privacy policy adheres to the Australian Privacy Principles.