Wireless penetration testing that secures the airwaves.
Your wireless networks extend the attack surface beyond your walls. SubRosa tests WiFi infrastructure, protocols, and configurations, plus Bluetooth and RF, so an attacker cannot pivot in over the air.
WiFi · WPA2/WPA3 · Rogue AP · Bluetooth · RF
What is wireless penetration testing?
Wireless penetration testing assesses the security of your WiFi and other radio-based networks: encryption and authentication (WPA2, WPA3, 802.1X/EAP), rogue and evil-twin access points, network segmentation, and RF technologies like Bluetooth, RFID, and NFC. The goal is to prove whether an attacker within radio range could get onto your network or pivot deeper, and to close the gaps that let them.
Every wireless vector that matters.
Specialized testing across all the wireless technologies and protocols in your environment.
WiFi security assessment
Encryption analysis, authentication bypass, and configuration review across your enterprise and guest WiFi networks.
Rogue AP & evil twin
Detection and exploitation of rogue and evil-twin access points to validate client behavior and wireless segmentation.
Protocol & enterprise auth
Testing of WPA2 and WPA3, 802.1X, and EAP enterprise authentication for weaknesses that enable unauthorized access.
Bluetooth & RF
Assessment of Bluetooth, RFID, and NFC devices and protocols for flaws in pairing, authentication, and data transmission.
Into the RF attack surface.
RF-aware testing
We test the full radio attack surface, WiFi, Bluetooth, and RF, not just a WiFi password audit, because that is where attackers actually pivot.
Segmentation focus
We validate that a foothold on wireless cannot become a foothold on the rest of the network, testing segmentation and monitoring end to end.
Real exploitation
We safely exploit what we find to prove real impact and confirm your controls hold, rather than handing you a list of theoretical issues.
From report to remediation.
Your wireless pen test findings land in Sable, prioritized, assigned, and tracked from open to retested, so remediation becomes a managed workflow instead of a PDF that gets forgotten.
- CriticalOpenEvil-twin captures corp credsWiFi
- HighIn progressEAP misconfig allows bypass802.1X
- HighRetestedNo isolation from corp VLANGuest
- MediumOpenLegacy pairing on badge readersBluetooth
Secure your networks over the air.
Book a wireless penetration test and find out exactly what an attacker within range could reach, and how to shut it down.