Tool and Usage
The 0trace.py utility is a rewrite of 0trace (by another author) to perform reconnaissance and bypass network firewalls.
This security tool enables the user to perform hop enumeration (similar to traceroute). Instead of sending actual packets, it uses an established TCP connection.
Why this tool?
The 0trace utility is useful to perform reconnaissance. For example, to see if additional data can be gathered about the network and its devices.
How it works
The benefit of using an established connection is staying off the radar of a firewall. This technique works due to the session being already in a connection table. By using the existing connection and send TTL-based probes, no suspicion will be raised.
0trace.py is a remake by Jon Oberheide of the original 0trace tool by Michal Zalewski.
Usage and audience
0trace.py is commonly used during bypassing security measures or reconnaissance. Target users for this tool are pentesters and security professionals.
Several dependencies are required to use 0trace.py.