WifiZoo v1.3 Released – Passive Info Gathering for Wifi


WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security.

The tool is intended to get all possible info from open wifi networks (and possibly encrypted also in the future, at least with WEP) without joining any network, and covering all wifi channels.

WifiZoo does the following:

  • gathers bssid->ssid information from beacons and probe responses
  • gathers list of unique SSIDS found on probe requests
  • gathers the list and graphs which SSIDS are being probed from what sources
  • gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with “802.11 bssids->clients”.
  • gathers ‘useful’ information from unencrypted wifi traffic (ala Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc.

You can download WifiZoo v1.3 here:

wifizoo_v1.3.tgz

Or read more here.

Posted in: Hacking Tools, Privacy, Wireless Hacking

, , ,


Latest Posts:


Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.
BloodHound - Hacking Active Directory Trust Relationships BloodHound – Hacking Active Directory Trust Relationships
BloodHound is for hacking active directory trust relationships and it uses graph theory to reveal the hidden and often unintended relationships within an AD environment.
SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.


7 Responses to WifiZoo v1.3 Released – Passive Info Gathering for Wifi

  1. fever April 22, 2008 at 9:14 am #

    sounds like an interesting and very useful tool. think i’ll give it a try. hope it doesn’t disappoint.

  2. arkwin April 22, 2008 at 2:27 pm #

    just stick with aircrack-ng suit.

  3. Morgan Storey April 23, 2008 at 8:22 am #

    Pre my linux learnings I used to use ferret for packet capturing and it was pretty good but yeah I’ll just stick with Kismet, just a “sudo kismet” away, then wireshark and aircrack to interpret the captures.

  4. Keith July 2, 2008 at 3:29 am #

    Wifizoo is a great tool!!!
    And just in case your interest. I’ve further extended Wifizoo by redesigning the gui front end. Can download at my site if you like.

    http://www.killthepage.com/

  5. Navin July 2, 2008 at 9:17 am #

    @ arkwi
    seriously man, aircrack-ng is a great tool but even I’ve wanted to try something new….hope wifizoo (10/10 for the name BTW) can pull one over it

    downloading now!!

  6. Keith July 7, 2008 at 5:44 am #

    The two tools are for different uses. Aircrack-Ng or Kismet is still needed at the moment to control the card and capture data. The Wifizoo tool is merely a cool way of displaying the info, such as msn conversations, ftp data, captured cookies etc.

    Plus you can easily use the captured cookies to hijack gmail sessions for example. You could still do this with airodump-ng and Wireshark, but this tool is just much more convenient for this task. For example if you we’re doing a presentation for non-techies where visual examples have more impact.

    thanks to hernan ochoa!

  7. keith November 5, 2008 at 1:59 am #

    hi all, have updated new site with new Wifizoo EEEPC edition.

    http://www.wifizoo.info