With a wireless adapter in monitor mode you are able to sniff packet in the air:

at least the one in our range

even if we are not connected to that network

even if it’s not directed to our PC

To do this we need airodump-ng command, part of the aircrack-ng suite.

It a program design to capture packet with a wireless adapter in monitor mode


root@kali:~# airodump-ng wlan0

By default the airodum-ng shows only 2.4Ghz network frequency.

To get 5Ghz wireless frequency add –band a parameter, like this:

root@kali:~# airodump-ng --band a wlan0

Hte main bands are:

  • a, 5Ghz
  • b and g, 2.4Ghz
  • n, 5Ghz an 2.4 Ghz
  • ac lower than 6Ghz

It’s possible to use more than one basnds in the command line. The following command will show both 2.4Ghz and 5Ghz wireless:

root@kali:~# airodump-ng --band abg wlan0

Save sniffed data into a file:

root@kali:~# airodump-ng --bssid E4:8F:34:37:BA:0C --channel 2 --write test wlan0

In this case we write into the “test” file all packets sniffed from network whic mac address is E4:8F:34:37:BA:0C and channel 2.

the encrypted data sent to and from that target network are saved into the “cap” file