The scanning phase
Scanning is the initial phase of pentesting; the test plan for the entire pentest activity depends on the outcome of the scanning phase. The main objective of this phase is to discover much of the access points and clients operating in the target environment. To perform scanning, we can use laptops, smartphones, or any other device capable of wireless sniffing. In this chapter, we will use a variety of tools available in the Kali Linux distribution in order to detect wireless networks.
Wireless scanning tools, such as airodump-ng or Kismet, can be used to discover and capture traffic from wireless networks. They work on interfaces placed in the monitor mode and hop to different channels in the wireless spectrum in order to collect wireless packets. With most tools, the output is displayed on screen or can be stored in a file for later reference. The collected packets can be analyzed manually, or you can generate visual graphs of networks using analysis tools such as airgraph...