NoorSentinel

Reproducible Wi-Fi security & compliance evidence

The same capture always produces the same proof.

Upload one authorized Wi-Fi capture. NoorSentinel reads it down to the frame, finds the wireless risks, maps them to the frameworks you choose, and seals the result with a SHA-256 anyone can reproduce — from $12 per capture.

Capture analysis :

A report package for one Wi-Fi capture: executive summary, technical evidence, frame-level findings, confidence, affected BSSID/SSID context, and structured exports.

Compliance mapper :

Everything in Capture Analysis, plus one control-level mapper PDF that shows which selected framework points have issues and what evidence supports each mapping.

Reproducible proof :

Every compliance result carries a SHA-256 fingerprint computed from the findings and mapping. Identical evidence produces an identical hash, so the evidence trail is tamper-evident.

  • Passive file analysis
  • WPA2 · WPA3-SAE · OWE
  • Wi-Fi 7 · MLO · PMF
  • SHA-256 verifiable

Where NoorSentinel fits

Between the packet tool and the checklist.

Analysts have tools that show packets, and tools that talk compliance. Neither produces evidence you can hand an auditor — that gap is the entire product. Here is where NoorSentinel sits against the usual ways teams produce wireless audit evidence.

Capability Wireshark GRC checklist Pentest engagement NoorSentinel
Packet-level evidenceYesNoYesYes
Tells you what's wrongNoPartialYesYes
Maps to compliance frameworksNoYesPartialYes
Reproducible, hash-verifiable proofNoNoNoYes
WPA3 / Wi-Fi 7 depthManualNoVariesBuilt in
Typical costFreeThousands / yearThousands / engagement$12–$40 / capture
TurnaroundManual hoursOngoingWeeksMinutes

Comparison reflects typical use; tools like Wireshark are excellent at what they do — NoorSentinel turns their evidence into a decision and a record.

The finding and the proof arrive together — frame-level evidence, mapped to the controls it affects, sealed with a reproducible fingerprint, from one upload.

Reproducible by design

Evidence with a verifiable fingerprint.

Most security reports are a snapshot you have to trust. NoorSentinel's compliance mapping is deterministic under the same engine version: the same findings and selected-framework evidence produce the same compliance-evidence SHA-256 fingerprint. The public Wi-Fi 7 sample uses the AWS v3 artifact shown on the sample report page.

Compliance-mapping fingerprint

Compliance evidence SHA-256 289e643172984950a6c4050689a1f35f77cbed9080fc590d0ab401b457221a5d
Capture SHA-256 9ca05201d07a5c6b…deba56907

Computed from the compliance evidence artifact, not operational timing.

Why this matters

  • Tamper-evident: change a finding, and the fingerprint changes with it.
  • Independently verifiable: an auditor can reproduce the hash without trusting us.
  • Chain of custody: the same capture is provably the same result, every time.
  • Deterministic core: findings and mapping come from a fixed engine, not a model that drifts.

Engineered for modern Wi-Fi

Decoded to the frame.

A purpose-built 802.11 engine reads what modern wireless actually does — not just that traffic exists, but how it is protected.

The engine

WPA2, WPA3-SAE, OWE, protected management frames, fast roaming, A-MSDU aggregation, mesh, and Wi-Fi 7 multi-link operation are parsed natively. Six detector engines and a correlation layer turn those frames into findings — each one carrying its own evidence.

  • WPA3-SAE
  • OWE
  • PMF (802.11w)
  • FT roaming
  • MLO / Wi-Fi 7 (EHT)
  • EAPOL / PMKID
  • radiotap
  • A-MSDU
  • LOW NETC-03 · MAC Randomization

    Locally administered MAC, 418 frames observed. Confidence 0.90.

  • INFO CRYPTO-11 · PMKID Evidence Observed

    PMKID present in EAPOL-Key evidence for AP EC:F4:0C:9D:6B:E9; WPA3-SAE context present; no offline PSK-cracking claim is made. Frame #1063.

Real findings from the public Wi-Fi 7 sample. Every finding carries an ID, a confidence score, and the frame it came from.

Choose the frameworks you need

Map Wi-Fi evidence to any of 33 frameworks.

Every detected wireless risk can be mapped to the specific controls it affects across the global standards and regional regimes you select.

  • PCI DSS 4.0
  • ISO/IEC 27001:2022
  • ISO/IEC 27002:2022
  • NIST CSF 2.0
  • NIST 800-53 Rev 5
  • NIST 800-171 Rev 3
  • HIPAA Security Rule
  • GDPR
  • EU DORA
  • EU NIS2
  • CIS Controls 8.1
  • CIS Cisco WLC
  • DISA WLAN STIG
  • CMMC L2
  • MITRE ATT&CK
  • UK Cyber Essentials
  • CCPA / CPRA
  • CSA CCM 4.1
  • Australia Essential Eight
  • Singapore Cybersecurity Act
  • UAE PDPL
  • India DPDP
  • Brazil LGPD
  • Canada PIPEDA
  • South Africa POPIA
  • Korea PIPA
  • Japan APPI
  • Japan ISMS (JIS Q 27001)
  • Japan METI Cyber
  • China PIPL
  • China CSL
  • China DSL
  • China MLPS 2.0

Jurisdictions include the United States (incl. California and DoD), European Union, United Kingdom, Canada, Brazil, China, India, Japan, Korea, Singapore, Australia, UAE, and South Africa — plus global PCI and threat-intelligence regimes.

How it works

From capture to defensible evidence.

Four steps. No packet-forensics project, no spreadsheet archaeology.

  1. Capture — you're authorizedPCAP / PCAPNG
  2. Upload securely≤ 100 MB
  3. Engine analyzes the capturein minutes
  4. Download the packagereport archive

New to wireless captures? See how to make one in the FAQ below.

Delivery package

Choose the package that matches the job.

  • Capture AnalysisWi-Fi analysis executive PDF, technical evidence PDF, structured findings, and CSV exports for one authorized capture.
  • Compliance MapperEverything in Capture Analysis plus a control-level mapper PDF and compliance evidence JSON for the frameworks you choose.
  • Findings JSONStructured finding data for security pipelines and internal tooling.
  • CSV exportsSpreadsheet-ready triage data for review, sorting, and handoff.
  • Framework selectionPick the framework or frameworks that matter to the buyer. The price stays per capture.
  • Stable archiveDownloadable result package with the submitted file name carried through the workflow.

Analyze a capture

Upload one authorized Wi-Fi capture, then choose Wi-Fi analysis or compliance mapping.

Choose report type
Drop one capture here or choose a file PCAP, PCAPNG, CAP, and compressed capture files up to 100 MB
    Compliance frameworks to test against

    Included in the $40 compliance mapper. Choose one framework or several — the mapper covers exactly what you pick, nothing more.

    0 selected

    Payment & financial

    ISO & cloud

    US security frameworks

    US government & defense

    EU & UK

    Wireless & threat

    Privacy & regional

    Japan

    China

    Authorized list (optional)
    Accepted: JSON with trusted_bssids and trusted_ssids, or TXT with one BSSID or SSID per line.
    JSON 
    {
  "trusted_bssids": ["AA:BB:CC:DD:EE:FF"],
  "trusted_ssids": ["Corporate-WiFi"]
}
    TXT 
    # comments allowed
AA:BB:CC:DD:EE:FF
Corporate-WiFi

    Need more than 100 MB? Contact admin@noorsentinel.com.

    • Secure checkout by Paddle
    • Offline, passive file analysis
    • Time-limited downloads
    • No card details stored

    Questions

    Good to know before you upload.

    How do I make a Wi-Fi capture?

    You need a capture taken in monitor mode with radiotap headers — the kind Wireshark, tcpdump/dumpcap, or airmon-ng produce. On Linux: put your adapter into monitor mode, capture on the target channel, and save as PCAPNG.

    A guided capture tool that does this for you is on our roadmap. Until then, any standard 802.11 monitor-mode capture works.

    Is my capture data safe?

    Analysis is offline, passive, and file-based — NoorSentinel never touches your live network. You upload a capture file; we analyze it to generate your report; the download link is time-limited.

    Checkout runs through Paddle, so NoorSentinel does not store card numbers. See the Privacy page for full data handling.

    What exactly do I get?

    Capture Analysis returns Wi-Fi analysis executive and technical PDFs with structured exports. Compliance Mapper adds a control-level selected-framework mapper PDF and a reproducible SHA-256 compliance fingerprint.

    Does it work on WPA3 and Wi-Fi 7?

    Yes. WPA3-SAE, OWE, protected management frames, fast roaming, and Wi-Fi 7 multi-link operation are parsed natively. The public sample on this site is a real Wi-Fi 7 (BE200) capture.

    Is this Wi-Fi only?

    Today, yes — NoorSentinel focuses on 802.11 wireless evidence, and does it deeply. Broader capture types are on the roadmap.

    What we guarantee. We don't guarantee your Wi-Fi is secure — no honest tool can, and that was never our job. What we guarantee is the result: every finding is tied to the exact frame that produced it, nothing is invented beyond what the capture proves, and the same capture always yields the same SHA-256. That precision is the product. When evidence shows a PMKID, we report the PMKID — we don't inflate it into a cracked password. Disciplined, traceable, reproducible: that is a promise we keep on every run.