WifiZoo v1.3 Released – Passive Info Gathering for Wifi

The New Acunetix V12 Engine


WifiZoo is a tool to gather wifi information passively. It is created to be helpful in wifi pentesting and was inspired by ‘Ferret‘ from Errata Security.

The tool is intended to get all possible info from open wifi networks (and possibly encrypted also in the future, at least with WEP) without joining any network, and covering all wifi channels.

WifiZoo does the following:

  • gathers bssid->ssid information from beacons and probe responses
  • gathers list of unique SSIDS found on probe requests
  • gathers the list and graphs which SSIDS are being probed from what sources
  • gathers bssid->clients information and outputs it in a file that you can later use with graphviz and get a graph with “802.11 bssids->clients”.
  • gathers ‘useful’ information from unencrypted wifi traffic (ala Ferret,and dsniff, etc); like pop3 credentials, smtp traffic, http cookies/authinfo, msn messages,ftp credentials, telnet network traffic, nbt, etc.

You can download WifiZoo v1.3 here:

wifizoo_v1.3.tgz

Or read more here.

Posted in: Hacking Tools, Privacy, Wireless Hacking

, , ,


Latest Posts:


Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.
Four Year Old libSSH Bug Leaves Servers Wide Open Four Year Old libssh Bug Leaves Servers Wide Open
A fairly serious 4-year old libssh bug has left servers vulnerable to remote compromise, fortunately, the attack surface isn't that big as neither OpenSSH or the GitHub implementation are affected.
CHIPSEC - Platform Security Assessment Framework CHIPSEC – Platform Security Assessment Framework For Firmware Hacking
CHIPSEC is a platform security assessment framework for PCs including hardware, system firmware (BIOS/UEFI), and platform components for firmware hacking.
How To Recover When Your Website Got Hacked How To Recover When Your Website Got Hacked
The array of easily available Hacking Tools out there now is astounding, combined with self-propagating malware, people often come to me when their website got hacked and they don't know what to do, or even where to start.


7 Responses to WifiZoo v1.3 Released – Passive Info Gathering for Wifi

  1. fever April 22, 2008 at 9:14 am #

    sounds like an interesting and very useful tool. think i’ll give it a try. hope it doesn’t disappoint.

  2. arkwin April 22, 2008 at 2:27 pm #

    just stick with aircrack-ng suit.

  3. Morgan Storey April 23, 2008 at 8:22 am #

    Pre my linux learnings I used to use ferret for packet capturing and it was pretty good but yeah I’ll just stick with Kismet, just a “sudo kismet” away, then wireshark and aircrack to interpret the captures.

  4. Keith July 2, 2008 at 3:29 am #

    Wifizoo is a great tool!!!
    And just in case your interest. I’ve further extended Wifizoo by redesigning the gui front end. Can download at my site if you like.

    http://www.killthepage.com/

  5. Navin July 2, 2008 at 9:17 am #

    @ arkwi
    seriously man, aircrack-ng is a great tool but even I’ve wanted to try something new….hope wifizoo (10/10 for the name BTW) can pull one over it

    downloading now!!

  6. Keith July 7, 2008 at 5:44 am #

    The two tools are for different uses. Aircrack-Ng or Kismet is still needed at the moment to control the card and capture data. The Wifizoo tool is merely a cool way of displaying the info, such as msn conversations, ftp data, captured cookies etc.

    Plus you can easily use the captured cookies to hijack gmail sessions for example. You could still do this with airodump-ng and Wireshark, but this tool is just much more convenient for this task. For example if you we’re doing a presentation for non-techies where visual examples have more impact.

    thanks to hernan ochoa!

  7. keith November 5, 2008 at 1:59 am #

    hi all, have updated new site with new Wifizoo EEEPC edition.

    http://www.wifizoo.info