Course Overview

Offensive Security Wireless Attacks (WiFu) introduces students to the skills needed to audit and secure wireless devices. It’s for penetration testers who have completed PWK and would like to gain more skill in network security.

In WiFu, students will learn to identify vulnerabilities in 802.11 networks and execute organized attacks. Each student will set up a home lab to practice the techniques learned in this online, self-paced course.

Successful completion of the course and exam confers the Offensive Security Wireless Professional (OSWP) certification.


Course includes a 4-hour exam.


Learn wireless network security.


Gain access to a virtual penetration testing lab.

Offensive Security Wireless Professional (OSWP)

Earn your OSWP certification.

Certification Process

Once you’ve completed WiFu and practiced in your dedicated personal lab, you’re ready to take the online certification exam.

The OSWP exam has a 4-hour time limit and requires you to connect to our dedicated lab via SSH. You’ll encounter several wireless networks of varying configurations, conduct wireless information gathering, and implement various attacks to get access to the target networks.

As part of the exam, you must submit a comprehensive penetration test report. It should contain in-depth notes and screenshots detailing your findings, including the steps to crack each network.

Real-world Benefits

Successful completion of the exam confers the Offensive Security Wireless Professional (OSWP) certification.

OSWPs are able to identify existing encryptions and vulnerabilities in 802.11 networks. They can circumvent network security restrictions and recover the encryption keys in use. The 4-hour exam also demonstrates that OSWPs are able to perform under imposed time constraints.


Register at least 3 days prior to desired start date.


Purchase the recommended hardware.


Progress through course materials and practice your skills.


Schedule Certification exam within 120 days from course start date.

Offensive Security Wireless Professional (OSWP)

Successfully complete the 4-hour online exam to earn your OSWP certification.

Course Details

Who is this course for?

This course is designed for information security professionals who want to take a serious and meaningful step into the world of wireless penetration testing. This includes:

  • Security Professionals & Enthusiasts
  • Network Administrators


Course Overview & Syllabus

Like other Offensive Security courses, WiFu combines traditional course materials with hands-on practice within a virtual lab environment. The course covers the following topics in detail. View the full syllabus.

  • IEEE 802.11
  • Wireless Networks
  • Packets and Network Interaction
  • Linux Wireless Stack and Drivers
  • Aircrack-ng Essentials
  • Cracking WEP with Connected Clients
  • Cracking WEP via a Client
  • Cracking Clientless WEP Networks
  • Bypassing WEP Shared Key Authentication
  • Cracking WPA/WPA2 PSK with Aircrack-ng
  • Cracking WPA with JTR and Aircrack-ng
  • Cracking WPA with coWPAtty
  • Cracking WPA with Pyrit
  • Additional Aircrack-ng Tools
  • Wireless Reconnaissance
  • Rogue Access Points


Course Reviews


Course Prerequisites

All students must have a solid understanding of TCP/IP and the OSI model, as well as familiarity with Linux. A modern laptop or desktop that can boot and run BackTrack and specific hardware is required to complete course exercises. You can use Kali Linux to take the course, but the exam uses BackTrack.

Below is the recommended compatible hardware for your home labs.

Recommended Wireless Network Routers

  • D-Link DIR-601
  • Netgear WNR1000v2

Recommended Wireless Cards

  • Netgear WN111v2 USB
  • ALFA Networks AWUS036H USB 500mW

For wireless card compatibility, please refer to the Aircrack-ng wiki


What competencies will you gain?
  • Greater insight into wireless offensive security and expanded awareness of the need for real-world security solutions
  • Implementing attacks against WEP and WPA encrypted network
  • Executing advanced attacks such as PRGA key extraction and one-way packet injection
  • Using alternate WEP and WPA cracking techniques
  • Using various wireless reconnaissance tools
  • Understanding of how to implement different rogue access point attacks
  • Familiarity with the BackTrack wireless tools


Supporting your Online Journey
  • 3.5 hours of instructional course video
  • 380-page course guide
  • Active student forums
  • Access to home lab setup

Course Pricing

Are You Ready?

Register for WiFu