*NetStumbler-0.4.0: wireless access point identifier - listens for SSIDs
and sends beacons as probes searching for access points.
* Kismet-2005-08-R: wireless sniffer and monitor - passively monitors wireless traffic
and sorts data to identify SSIDs, MAC addresses, channels and connection speeds.
* Wellenreiter-v1.9: WLAN discovery tool - uses brute force to identify low traffic
access points; hides your real MAC address; integrates with GPS.
* WEP***** 0.1.0: Unix based-pearl aplication encryption breaker - *****s 802.11 WEP
encryption keys using the latest discovered weakness of RC4 key scheduling.
* Airsnort-0.2.7e: encryption breaker - passively monitoring transmissions,
computing the encryption key when enough packets have been gathered.
* Wepwedgie-0.1.0-alpha: for toolkit that determines 802.11 WEP keystreams
and injects traffic with known keystreams in order to ***** WEP in minutes.
* Hotspotter-0.4: Wireless client attacking too.
Most programs are open source, and very useful if you know what your doing.