The GPL-licensed, free wicrawl provides an array of tools for poking at a Wi-Fi network and seeing what's vulnerable: The tool can be used for good and evil, of course, but I see a lot of good in it. It comes with a number of modules for prodding a network to see what's exposed. For instance, it can passively monitor traffic in an environment and determine SSID names on closed networks, in which the AP sends no beacon with the network name. However, a station that wants to join the network and knows the SSID does, in fact, send that information in the clear. Closed networks are invulnerable to attack only while no one is connecting to them, in other words.
wicrawl is designed around a plug-in architecture so that it can be extended to have modules for particular purposes, like using nmap to chart traffic patterns and usage, or aircrack to penetrate weak encryption keys. Corporations spend quite large sums for tools that allow them to probe for these kinds of weaknesses; wicrawl could wind up being a tool of choice (as it develops) for smaller firms that want to have the same ability.
Of course, the dark side of this tool is that it will be an even-more-automated method of penetrating weak networks through a comprehensive approach that looks like it could go far beyond tools like Kismet. The existence of these tools should continue to signal vigilance by those who run networks, and reinforces my point about using at least WPA Personal on every non-intentionally-open network.