[ipv6hackers] The state of IPv6 (pen)testing and the future

Fernando Gont fgont at si6networks.com
Thu Jan 24 06:21:43 CET 2013

On 01/24/2013 02:01 AM, Merike Kaeo wrote:
>>> I was doing IPv6 penetration testing classes with labs, between
>>> 2006-2010, leveraging both public tools and those in my private
>>> unreleased libraries. At that time I had over 150 tools that work
>>> well, but it seems the vast majority of the tools have been removed
>>> from the Internet. 
>> Why not putting them (back?) on-line?
>> The fact that there are only to publicly available toolkits (Marc's and
>> mine.. with Marc's being the only one for ages) probably speaks how far
>> we're from where we're supposed to be in terms of IPv6 security.
> I think the main concern is not how many tools we have but do the existing tools cover all the 
> cases that are 'known' that should be tested for a comprehensive pen-test.

I personally think that the number of tools is a datapoint of the level
of evolution (or lack of) in this area.

> Also, can the tool(s) be extensible 
> to add more tests as new scenarios come up (which they will).

In general, you have two types of tools, which kind of serve different

1) THC's IPv6 attack toolkit - like
2) SI6 toolkit - like

"1)" allows you to exploit specific vectors in a straightforward way. So
if you're doing a pentest, and want to try those specific vectors, they
are extremely handy.

"2)" allows you to try any stuff you *understand*, even if the author of
the tools didn't think about those vectors. This extremely flexible, but
I guess might be a bit disappointing for folks running some of the tools
and finding "nothing happened" (i.e., "wtf!?"-like sort of reactions,
together with "what's the magic I should give this tool?"). These tools
are a middle-ground between scapy and THCs :-)

As with everything, you probably want to have both toolkits handy...
each has its uses.

> Joe had helped put the IPv6 toolkit list together in the document I referenced in an earlier post.....it would
> be useful to have an updated list.  While Joe says the majority of tools he'd used (some of which were his) have been
> removed from the Internet I expect some may still exist.  *someone* needs to do the research :)

Well, why do research on this if the author himself can post the tools
for the benefit of us all?  ;-)

Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492

More information about the Ipv6hackers mailing list