DEF CON 26 PACKET HACKING VILLAGE - Alex Stanev - wpa sec The Largest Online WPA Handshake Database
Started as pet project in 2011, wpa-sec collects WPA handshake captures from all over the world. Contributors use client script to download handshakes and special crafted dictionaries to initiate attack against PSKs. With more than 115 GB captures from 240 000 submissions, collected samples represent invaluable source for wireless security research. This includes:
Many improvements for emerging wireless security tools like hcxtools suite (https://github.com/ZerBea/hcxtools)
Identified default PSK key generation algorithms, used by various ISPs. Those, along with fixes for current implementations get in RouterKeygen project (https://github.com/routerkeygen/route...). Many more to come, based on current research activities
Performance optimizations for WPA crackers
Identified some linux kernel driver bugs
During the talk I will explain how wpa-sec works, provide statistics and a lot internals on optimization and how to use the database as OSINT source during pentests and red team actions.