This document outlines acceptable use cases and requirements for using this tool responsibly.
Before using this tool, you must have:
- Written authorization from the network/system owner
- Defined scope of testing (specific systems, timeframes, methods)
- Emergency contact information for the asset owner
- Understanding of applicable laws in your jurisdiction
- Incident response plan if something goes wrong
Testing the security of wireless networks you own and operate.
Requirements:
- You own the network equipment
- You own or lease the property where the network operates
- No third-party devices are targeted
Professional security assessments for clients.
Requirements:
- Signed statement of work or contract
- Explicit scope definition
- Get-out-of-jail letter (authorization document)
- Defined rules of engagement
- Professional liability insurance recommended
Learning wireless security concepts in controlled environments.
Requirements:
- Isolated lab environment
- No connection to production networks
- Virtual or dedicated hardware only
- Educational institution authorization if applicable
Participating in authorized security competitions.
Requirements:
- Official competition rules permit tool usage
- Testing limited to competition infrastructure
- Compliance with competition code of conduct
Academic or independent security research.
Requirements:
- Institutional Review Board (IRB) approval if applicable
- Isolated test environment
- Responsible disclosure commitment
- No real user data involved
The following uses are explicitly prohibited:
- Accessing networks without explicit authorization
- Intercepting communications of third parties
- Credential harvesting from unauthorized targets
- Denial of service attacks
- Corporate espionage or competitive intelligence
- Stalking, harassment, or surveillance
- Any activity violating local, state, or federal law
Use this template to document authorization:
Wireless Security Assessment Authorization
Date: _______________
I, _________________________ (Asset Owner), authorize _________________________ (Tester) to conduct wireless security testing on the following:
Scope:
- Network SSID(s): _______________________________
- Physical location(s): _______________________________
- Testing period: From _____________ to _____________
Permitted activities:
- Passive reconnaissance
- Active scanning
- Authentication testing
- Encryption analysis
- Other: _______________________________
Restrictions:
Emergency Contact: _______________________________
Signatures:
Asset Owner: _______________________ Date: _________
Tester: _______________________ Date: _________
Maintain detailed logs of all testing activities:
- Timestamp - When each action was performed
- Target - Specific system or network tested
- Method - Tool and technique used
- Result - Outcome of the test
- Evidence - Screenshots, packet captures (stored securely)
Retain logs for a minimum of one year or as required by your engagement contract.
If you accidentally cause disruption:
- Stop testing immediately
- Document what happened - exact time, actions taken, observed impact
- Contact the asset owner using the emergency contact
- Preserve evidence - do not delete logs or artifacts
- Cooperate fully with any investigation
- Report to appropriate parties as required by law or contract