We have spoken about probes previously, and how they can be used to identify hidden networks and perform effective rogue access point attacks. They can also be used to identify individuals as targets or track them on a mass scale with minimal equipment.

When a device wishes to connect to a network, it sends a probe request that contains its own MAC address and the name of the network it wishes to connect to. We can use tools such as airodump-ng to track these. However, if we wish to identify whether an individual was present at a specific location at a specific time or look for trends in Wi-Fi usage, we will need to use a different approach.

In this section, we will utilize tshark and Python to collect data. You will receive the code and an explanation of what is being done.