Chigula — a framework for Wi-Fi Intrusion Detection and Forensics presented at Defcon 2015

by Vivek Ramachandran

Summary: Most Wi-Fi intrusion detection and forensics today is done using million-dollar products or by spending hours applying filters in Wireshark :) Chigula aims to solve this by providing a comprehensive, extensible and scriptable framework for Wi-Fi intrusion detection and forensics.
A non-exhaustive list of attacks that this framework will detect includes:
Attack tool detection - Aireplay-NG, Airbase-NG, Mdk3 etc.
Honeypot, Evil Twin and Multipot attacks
Rogue devices
Vulnerable clients based on Probed SSIDs
Hosted network based backdoors
MAC spoofing
Deauthentication attacks
Disassociation attacks
Channel Jamming attacks using duration field
Vivek Ramachandran discovered the Caffe Latte attack, broke WEP Cloaking and publicly demonstrated enterprise Wi-Fi backdoors. He is the author of "Backtrack 5: Wireless Penetration Testing", which has sold over 13,000 copies worldwide. He is the founder of SecurityTube.net and runs SecurityTube Training & Pentester Academy, which has trained professionals from 90 countries. He has spoken and trained at conferences including DEF CON, Blackhat USA/Europe/Abu Dhabi, Brucon and Hacktivity.