Firstly after activating monitor mode on my Alfa AWUS036H adapter, launched airodump-ng on channel 6 and listened for any networks.
Upon seeing the hidden network, I restarted airodump-ng on channel 6 and saved the output to a file called ‘hidden.’
Noticing there was an already authenticated client, I started aireplay-ng and attempted to de-authenticate the client. The successful de-authentication forces an automatic re-authentication to the network revealing that the hidden SSID was in fact Cisco.
After discovering the SSID, starting an ARP Request Replay attack against the network to increase the rate of IV generation and crack the WEP key for the network.