Last nights OWASP meetup was hosted by CME in the centre of Belfast at Millenium House. The topic for the meeting was “Pen Testing with a Wifi-Pineapple” – by Leo McCavana. The Wifi Pineapple is a combination of hardware and software which you can use to intercept and monitor wireless communication. The talk covered the capabilities and use cases for the device and mentioned some of the newer models of the unit that are available. Practical uses of the unit including using with BURP the intercepting proxy and SSL stripping were discussed.
The talk was enjoyable and informative – including real world points and experiences from Leo around wireless pen testing and some of the ethical considerations of auditing. The takeaways from the evening were 1) Don’t trust free wifi 2) if you have to use it – take further precautions – vpn and Tor as examples 3) Don’t TRUST FREE WIFI