WiFi Driver Enumeration; wired scanning for driver vulnerability assessment.

WiFiDEnum is the WiFi Driver Enumerator, a Windows tool that assesses wireless driver information on local and remote Windows workstations. Using a database of known wireless vulnerabilities, WiFiDEnum assesses the versions of installed drivers and produces a vulnerability report, identifying systems and specific drivers that are at risk to wireless driver exploit attacks.

WiFiDEnum scans Windows hosts over the infrastructure network (e.g. wired or wireless connections) using the Windows Management Instrumentation (WMI) API. Using the current user or alternate specified authentication credentials, WiFiDEnum extracts registry information on a remote host to identify the wireless drivers that are installed, and the associated version information for each driver.

With the driver version information, WiFiDEnum examines a local MS Access database file that identifies several vulnerable Windows drivers. Using this database information, WiFiDEnum assesses each driver to determine if it is vulnerable, and reports it appropriately.

Once the scan is finished, the user can generate a simple HTML report that identifies all the stations scanner, the wireless driver and version information for each workstation, and any vulnerabilities discovered, along with CVE and WVE links for more information about the vulnerability (wherever possible).

Releases