Important Note: I nor SmartHome Integration, LLC endorce the use of ethical hacking of any network without the written consent of the owner or someone with executive oversite of budgeting and the contractual agreement between both the business or individual conducting an ethical hack and the customer, know that they could be one and the same.
So now that reiterating the obvious is over, lets talk hacking (ETHICALLY). Essentially using just a few utilities within your reach via download, you can gain valuable knowledge of just what social information is being broadcast from your networked devices including wirelessly, that could be used in social engineered attempts to lure information out of you.
Just to share the love since mac folks consider themselves so safe from hacks, did you know ...that Apples OSX10.10 and later MAC Computers have an UNPATCHED Zero Day Vulnerability! But that's no surprise to most of the network community.
During our class we saw lot's of unprotected computers on a local major chain coffee shop.
With a few free utilities and some time reading up on the help documents and FAQs at these sites, you can gain valuable knowledge on how to know where your network weaknesses are and how to close those holes so information isn't stolen by cybercriminals.
As always use this information only in a manner that is honoring and ethical as you conduct yourself with the sensitive information available know as PII or PHI that you have the potential to discover. Devise a plan on how you will deal with that encounter, i.e. Agree with the owner of the document what course of action should be used. This could mean immediately handing it over to the owner or if designated, sister, mother, etc. But this should be all written out and signed by both parties prior to conducting an ethical hack. This could vary based on the nature of how the data is being audited.
AirPcap at http://wireShark.com is a good place to start and http://insecure.org/nmap but only if you already know basic TCP command line utlities suchs as icponfig, nslookup, tracert, etc..