Cradicle Explorer
CyberSec_Notes
/ Resource & References / Tools / airodump-ng.md
airodump-ng.md
 1  **1. Description:**
 2  - Airodump-ng is a powerful packet capturing tool used in wireless network auditing and penetration testing.
 3  - It is part of the Aircrack-ng suite and is primarily designed for monitoring and analyzing Wi-Fi networks.
 4  
 5  **2. Key Features:**
 6  - **Wireless Packet Capture:** Captures packets from wireless networks to analyze traffic and identify vulnerabilities.
 7  - **Network Discovery:** Lists available wireless networks, their signal strength, encryption types, and connected clients.
 8  - **Handshake Capture:** Captures WPA/WPA2 handshakes for later cracking with tools like Aircrack-ng.
 9  - **Geolocation:** Provides GPS support to map the location of captured networks and clients.
10  
11  **3. Advantages:**
12  - **Comprehensive:** Supports a wide range of wireless protocols and encryption types.
13  - **Real-Time Monitoring:** Allows for real-time monitoring of network traffic, making it ideal for active assessments.
14  - **Open Source:** Free to use and continuously updated by a vibrant community of contributors.
15  - **Cross-Platform:** Available on multiple operating systems, including Linux, macOS, and Windows.
16  
17  **4. Disadvantages/Limitations:**
18  - **Complexity:** Requires a certain level of technical knowledge to use effectively, particularly for beginners.
19  - **Limited to Wireless Networks:** Primarily focused on wireless traffic, so it is not suitable for wired network assessments.
20  
21  **5. Use Cases in Cybersecurity:**
22  - **Penetration Testing:** Employed by ethical hackers to evaluate the security of wireless networks and identify weaknesses.
23  - **Network Auditing:** Used by network administrators to audit wireless networks for unauthorized access and vulnerabilities.
24  - **Security Research:** Helpful for researchers studying wireless protocols and encryption methods.
25  
26  **6. Basic Usage:**
27  
28  To use Airodump-ng effectively, you can utilize various command-line options. Here are some common examples:
29  
30  - **Start monitoring mode on a specific wireless interface:**
31    ```
32    airmon-ng start wlan0
33    ```
34  - **Capture packets from a specific channel:**
35    ```
36    airodump-ng --channel <channel> wlan0mon
37    ```
38  - **Save captured packets to a file:**
39    ```
40    airodump-ng -w output_file wlan0mon
41    ```
42  - **Filter results by specific BSSID:**
43    ```
44    airodump-ng --bssid <BSSID> -c <channel> -w output_file wlan0mon
45    ```
46  
47  Airodump-ng is an essential tool for anyone involved in wireless network security, providing crucial insights into network activity and potential vulnerabilities.