Most Wi-Fi intrusion detection and forensics today is done either with million-dollar products or by spending hours applying filters in Wireshark :) Chigula aims to solve this by providing a comprehensive, extensible and scriptable framework for Wi-Fi intrusion detection and forensics.
A non-exhaustive list of the attacks this framework will detect includes:
- Attack tool detection - Aireplay-NG, Airbase-NG, Mdk3 etc.
- Honeypot, Evil Twin and Multipot attacks
- Rogue devices
- Vulnerable clients based on Probed SSIDs
- Hosted network based backdoors
- MAC spoofing
- Deauthentication attacks
- Disassociation attacks
- Channel jamming attacks using the duration field