As wireless becoming an integral part of any business network, attackers have modified their traditional attack plan to cover attack against wireless network architecture. The attackers no longer need to be physically connected to the network switch to carry out attack against the local network and backend servers. They can conveniently carry out all these malicious activities from a parking lot or anywhere over the thin air.

ECQ's wireless penetration test helps identify exploitable security vulnerabilities of a wireless network and simulate the attack actions that a real world attacker would carry out. In general, ECQ will attempt to breach the wireless network through two different modes of attack: wireless architecture and wireless clients.

Wireless architecture assessment focuses mainly on assessing the security of the access point and the overall architecture such as segementation, configuration, encryption, authentication, and authorization.

Wireless clients assessment requires ECQ to discover and compromise wireless clients of the organization and use that as a leverage to infiltrate deeper to the internal network. Techniques used in this phase include man-in-the-middle attack, evil twin AP, DNS spoofing and live content injection, and exploitation against vulnerable firmware or devices.