Defensive

I don’t have too much to show in the way of purely-defensive tools. I do feel that offensive tools have a strong place in the defensive arsenal, so you may want to check out tools I have listed there.


WiFiDEnum

WiFiDEnum Screenshot

WiFiDEnum Screenshot

I’m very concerned about the threat of wireless driver exploits. Tools like the Metasploit Framework make exploiting wireless driver vulnerabilities fairly straightforward.

WiFiDEnum is a tool while working for a former employer (Aruba Networks). It is a simple tool written in C# using .NET 2.0 that enumerates a Windows XP, Vista or 2003 device for the wireless drivers that are installed. Once the list of drivers is retrieved, WiFiDEnum uses a local Microsoft Access database and identifies any drivers that are known to be vulnerable. After running a scan, the administrator can generate a HTML or XML report identifying the drivers installed and any vulnerabilities. You can scan the local system, a single remote host, or a range of IP addresses.

More information about WiFiDEnum is available at labs.arubanetworks.com. WiFiDEnum is made freely available under the Aruba Free Software License.