CWP Review - 2024

Cover Image for CWP Review - 2024
Marmeus
Marmeus

Table of Contents

    Introduction

    On the 8th of September, I sat for the **WiFi challenge professional (CWP) ** made by Raúl Calvo. So, it is time for another certification where I will give my opinions and some tips to prepare you for the exam.

    What you should expect from the course

    The CWP covers all wireless attacks for the different wireless networks that exists nowadays, from WEP to WPA3.

    Furthermore, it will teach you how to gather information from stations and APs to elaborate future attacks in order to gain access to the victim wireless network.

    Finally, you will be taught a little bit about a real-world WiFi audit experience.

    If you want learn more about the sections of the course , you can find the syllabus through this link.

    The Labs

    Despite other wireless certifications out there, no special hardware is needed for the course. The author of the course provides you a virtual machine where you can practice all the attacks taught during the course, making it easier to study for the exam.

    This machine can be downloaded without buying the course from the WifiChallenge Lab 2.0 web page, where also you will find most of the exercises found in the course.

    If you have already done the challenges, I suggest that you repeat asking Raúl to reset the flags, so that you can keep track and internalize the commands well.

    The exam

    The exam is composed of 5 WiFi networks but you only need to access 4 of them in a period of 6 hours, which is enough time to complete every single network and write the report.

    Because you can attack all the networks since the beginning of the exam, my tip is to tackle the easiest networks and then moving on the next most difficult network.

    A network is considered compromised once you got the flag that resides in the APs web page. In order to obtain the flag you might need or might not some credentials that can be obtained during the attack.

    Because there is no web to submit the obtained flags, you must explain crystal clear all the steps you performed to comprised the network. Also, you need to provide evidence showing both the wpa_supplicant connected to the network and the flag on the web server with the URL.

    In order to write the report, you can use my pentesting template or you can use the templates provided in the course.

    Finally, take into account that course is relatively new and errors might appear on the exam. If you do not see 5 different ESSIDs or something is wrong with your environment do not hesitate to contact Raúl over the specify communication channels.

    Conclusion

    As a final thought, the CWP is the most advanced WiFi certification on the market, if you need to increase your knowledge on WiFi networks or you need to get certified on a WiFi certification go directly to this course. You wont regret it.