THC IPv6 Attack Toolkit (thc-ipv6)
Tool and Usage
THC IPv6 attack toolkit a set of utilities. It can be used for penetrating testing and security assessments of correct network implementations.
- parasite6: ICMPv6 neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP MitM (and parasite)
- alive6: an effective alive scanng, which will detect all systems listening to this address
- dnsdict6: parallel DNS IPv6 dictionary brute-forcer
- fake_router6: announce yourself as a router on the network, with the highest priority
- redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever ICMPv6 redirect spoofer
- toobig6: mtu decreaser with the same intelligence as redir6
- detect-new-ip6: detect new IPv6 devices which join the network, you can run a script to automatically scan these systems etc.
- dos-new-ip6: detect new IPv6 devices and tell them that their chosen IP collides on the network (DOS).
- trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
- flood_router6: flood a target with random router advertisements
- flood_advertise6: flood a target with random neighbor advertisements
- fuzz_ip6: fuzzer for IPv6
- implementation6: performs various implementation checks on IPv6
- implementation6d: listen daemon for implementation6 to check behind a firewall
- fake_mld6: announce yourself in a multicast group of your choice on the net
- fake_mld26: same but for MLDv2
- fake_mldrouter6: fake MLD router messages
- fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
- fake_advertiser6: announce yourself on the network
- smurf6: local smurfer
- rsmurf6: remote smurfer, known to work only against Linux targets at the moment
- exploit6: known IPv6 vulnerabilities to test against a target
- denial6: a collection of denial-of-service tests against a target
- thcping6: sends a handcrafted ping6 packet
- sendpees6: a tool by firstname.lastname@example.org, which generates a neighbor solicitation requests with a lot of CGAs (crypto) to keep the CPU busy.
Usage and audience
THC IPv6 Attack Toolkit is commonly used for network analysis, penetration testing, or security assessment. Target users for this tool are pentesters and security professionals.
- THC IPv6 Attack Toolkit is written in C
- Command line interface
- Support for IPv6
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Project is mature (10+ years)
- + The source code of this software is available
Supported operating systems
THC IPv6 Attack Toolkit is known to work on Linux.
THC IPv6 Attack Toolkit alternatives
Similar tools to THC IPv6 Attack Toolkit:
Addrwatch is a tool similar to arpwatch to monitor IPv4/IPv6 and ethernet address pairing.
arping is a tool for the discovery of hosts on a computer network using the Address Resolution Protocol (ARP).
ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP).