A good many of us who work in the computer security industry have heard of Dave Aitel. He is the CTO of Immunitysec and has also generously donated his time and skills to develop and release, for free, programs such as SPIKE proxy, Immunitydbg to name but a few. This brings me to the latest commercial product offering from Immunitysec, SILICA. SILICA is a pen-testing tool for Wi-Fi and Bluetooth, which leverages the Immunitysec flagship product CANVAS. SILICA comes in the nice form factor of a PDA. This is one of the features which makes SILICA rather attractive, its very small size. Instead of sitting in the hallway of a high rise office building with your laptop probing a clients Wi-Fi network, you can instead sit there with a small PDA looking rather innocuous. Anyhow, seeing is believing, so let’s take a look at some screen grabs.
First up we see below the SILICA start menu, which is pretty easy to figure out.
Next up is the list of preferences seen below which is fairly intuitive and does not really need explaining. Though if you need some
feel free to drop me a line.
We see below what SILICA looks like while scanning.
Noted below is a list of AP’s that SILICA can associate to and then proceed to scan if so desired.
Lastly, we see what a SILICA report looks like
Anyhow, I don’t want to do "death by screenshot". My point is that SILICA can replace some other very expensive s/w programs which scan for AP’s and nothing more. SILICA will do that and also allow you to leverage CANVAS for a pen-test of them. I have several s/w programs that I have used for Wi-Fi audits in the past. None of them though have afforded me the pen-test capability of SILICA. Let alone the small size of it. Should you wish to read up on it feel free to check it out. I for one would certainly recommend it. In terms of bang for your buck you would be hard pressed to find better.