Talk With an Expert

SEC617: Wireless Penetration Testing and Ethical Hacking

SEC617Offensive Operations
  • 6 Days (Instructor-Led)
  • 36 Hours (Self-Paced)
Course created by:
James Leyte-VidalLarry Pesce
James Leyte-Vidal & Larry Pesce
SEC617: Wireless Penetration Testing and Ethical Hacking
Course created by:
James Leyte-VidalLarry Pesce
James Leyte-Vidal & Larry Pesce
  • GIAC Assessing and Auditing Wireless Networks (GAWN)
  • 36 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • 20 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Learn to evaluate, assess, and exploit vulnerabilities across Wi-Fi, Bluetooth, RFID, and emerging wireless technologies, empowering practitioners to defend against sophisticated wireless attacks.

Course Overview

Modern organizations often underestimate wireless security, leaving critical infrastructure vulnerable to sophisticated attacks. SEC617 addresses this critical gap by providing security professionals with comprehensive skills to identify, evaluate, and defend against wireless technology threats. From Wi-Fi networks to Bluetooth devices, RFID systems, and software-defined radio, this WiFi hacking course delivers hands-on training that expands your wireless security expertise across multiple technologies and protocols.

What You’ll Learn

  • Detect and neutralize rogue wireless access points
  • Penetrate low-power wireless device vulnerabilities
  • Exploit Bluetooth network authentication gaps
  • Execute advanced WPA2 Enterprise penetration tests
  • Develop custom wireless attack tools efficiently

Business Takeaways

  • Reduce wireless attack surface by identifying overlooked vulnerabilities across technologies
  • Strengthen security posture in critical environments like offices, factories, and data centers
  • Validate and certify devices to support secure procurement and deployment decisions
  • Enhance detection and response for rogue devices and wireless-based intrusions
  • Bridge IT, OT, and physical security through unified wireless threat assessments
  • Support compliance and governance with evidence-based wireless security practices
  • Equip teams with hands-on tools for real-world wireless penetration testing and defense

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in SEC617: Wireless Penetration Testing and Ethical Hacking.

Section 1Wi-Fi Data Collection and Analysis

Explore wireless threat landscapes and fundamental analysis techniques. Learn to identify rogue devices, understand protocol weaknesses, and develop remote penetration testing skills using compromised Windows and macOS systems.

Topics covered

  • Wireless threat characterization
  • Wi-Fi protocol layer analysis
  • Packet capture techniques
  • Rogue access point detection
  • Radio frequency exposure mapping

Labs

  • 802.11 Packet Analysis
  • Monitor Mode and Kismet
  • Identifying Rogue APs

Section 2Wi-Fi Attack and Exploitation Techniques

Develop advanced skills to exploit Wi-Fi vulnerabilities across consumer and enterprise networks. Focus on protocol-level deficiencies and practical attack methodologies.

Topics covered

  • Hotspot network exploitation
  • Client-side Wi-Fi attacks
  • WEP technology vulnerabilities
  • Denial of Service strategies
  • Wi-Fi protocol fuzzing techniques

Labs

  • Client Attacks
  • Wi-Fi DoS attacks
  • Wi-Fi Fuzzing
  • Attacking WEP Networks

Section 3Enterprise Wi-Fi Attacks

Dive deep into WPA2 and WPA3 network assessments, exploring authentication and security modes. Investigate nearest neighbor attacks and operation within constrained environments.

Topics covered

  • WPA2 network penetration
  • Enterprise authentication bypass
  • WPA3 security analysis
  • Nearest Neighbor attacks

Labs

  • Attacking WPA2 Pre-Shared Key Networks
  • Attacking WPA2 Enterprise Networks
  • Attacking WPA3 Networks
  • Command Line Wi-Fi Analysis with Tshark

Section 4Bluetooth and Software Defined Radio Attacks

Examine Bluetooth technologies across classic, enhanced data rate, and low energy protocols. Learn Software Defined Radio techniques for identifying and assessing proprietary wireless systems.

Topics covered

  • Bluetooth pairing vulnerabilities
  • BLE device service exploitation
  • Software-defined radio techniques
  • RF spectrum analysis
  • Wireless signal decoding

Labs

  • Attacking Bluetooth Classic
  • Attacking Bluetooth Low Energy
  • Practical Application of SDR

Section 5Privacy, RFID, Smart Cards, and NFC Hacking

Evaluate RFID technologies, privacy risks, and security vulnerabilities in contactless systems. Develop skills to analyze and exploit smart card and NFC technologies.

Topics covered

  • RFID system components
  • Tracking and privacy attacks
  • Low-frequency RFID exploitation
  • Smart card reconnaissance
  • NFC protocol analysis

Labs

  • Privacy: Spoofing and Detection of Apple AirTags
  • Low-Frequency RFID Tag Decoding and Analysis
  • High-Frequency RFID Tag Attack and Analysis

Section 6Capture the Flag Event

On the last day of class we will pull together all the concepts and technology we have covered during the week in a comprehensive Capture the Flag event. In this hands-on exercise, you will have the option to participate in multiple roles:, attacking recorded Wi-Fi networks, decoding proprietary wireless signals, exploiting smart card deficiencies, and more.

Things You Need To Know

Course Schedule & Pricing

Looking for Group Purchase Options?Contact Us
Filter by:
  • Location & instructor

    Virtual (OnDemand)

    Instructed by James Leyte-Vidal
    Date & Time
    OnDemand (Anytime)Self-Paced, 4 months access
    Course price
    $8,780 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Melbourne, VIC, AU & Virtual (live)

    Instructed by Larry Pesce
    Date & Time
    Fetching schedule..View event details
    Course price
    A$13,350 AUD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Las Vegas, NV, US & Virtual (live)

    Instructed by Monta Elkins
    Date & Time
    Fetching schedule..View event details
    Course price
    $8,780 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    London, GB & Virtual (live)

    Instructed by Monta Elkins
    Date & Time
    Fetching schedule..View event details
    Course price
    £7,160 GBP*Prices exclude applicable taxes | EUR price available during checkout
    Registration Options
  • Location & instructor

    Orlando, FL, US & Virtual (live)

    Instructed by Larry Pesce
    Date & Time
    Fetching schedule..View event details
    Course price
    $8,780 USD*Prices exclude applicable local taxes
    Registration Options
  • Location & instructor

    Washington, DC, US & Virtual (live)

    Date & Time
    Fetching schedule..View event details
    Course price
    $8,780 USD*Prices exclude applicable local taxes
    Registration Options
Showing 6 of 6

Benefits of Learning with SANS

Instructor teaching to a class

Get feedback from the world’s best cybersecurity experts and instructors

OnDemand Mobile App

Choose how you want to learn - online, on demand, or at our live in-person training events

Resources

Get access to our range of industry-leading courses and resources