Yersinia alternatives

Looking for an alternative tool to replace Yersinia? During the review of Yersinia we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Viproy (VoIP security testing)
  2. DHCPwn (DHCP IP exhaustion attack testing)
  3. addrwatch (monitoring of ARP and IP addresses)

These tools are ranked as the best alternatives to Yersinia.

Alternatives (by score)

74

Viproy (viproy-voipkit)

Introduction

Modules


  • Boghe IMS Client PoC Exploits
  • Cisco CDP Spoofer
  • CUCDM Call Forwarder
  • CUCDM Speed Dial Manipulator
  • MITM Proxy TCP
  • MITM Proxy UDP
  • MSRP Client and Library
  • Polycom Configuration Extractor
  • SIP Brute Force
  • SIP Enumerate
  • SIP Invite
  • SIP Message
  • SIP Negotiate
  • SIP Options
  • SIP Proxy Bounce
  • SIP Register
  • SIP Subscribe
  • SIP Trust Hacking
  • SIP/SDP and MSRP PoC Fuzzers
  • Skinny Call
  • Skinny Call Forward
  • Skinny Register

Project details

60

DHCPwn

Introduction

DHCPwn is a security tool used for testing DHCP IP exhaustion attacks. It can also be used to sniff local DHCP traffic, useful for penetration tests.

Project details

DHCPwn is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Network analysis

    DHCPwn review

    84

    addrwatch

    Introduction

    Similar to arpwatch, this tool addrwatch will monitor the pairing between ethernet and IP addresses.

    Main features:

    • IPv4 and IPv6 address monitoring
    • Monitoring multiple network interfaces with one daemon
    • Monitoring of VLAN tagged (802.1Q) packets
    • Output to stdout, plain text files, syslog, sqlite3, MySQL
    • IP address usage history preserving output and logging

    Project details

    84

    arping

    Introduction

    arping is similar to the 'ping' utility for testing a network and the discovery of systems. Where the 'ping' command typically uses the Internet Control Message Protocol (ICMP), arping uses the Address Resolution Protocol (ARP).

    Project details

    63

    ArpON

    Introduction

    ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

    The tool works by using three types of inspection to detect a related attack.

    • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
    • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
    • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

    Project details

    ArpON is written in C.

    Strengths and weaknesses

    • + The source code of this software is available

      ArpON review

      52

      arp-scan

      Introduction

      The arp-scan utility can be used to detect hosts on the network. As it uses ARP, it only applies to IPv4, as IPv6 uses the neighbour discovery protocol (NDP).

      Project details

      93

      ntopng

      Introduction

      The ntopng replaced the older ntop utility. It now focuses on high-speed traffic analysis and flow collection. Typically this is useful for analysis of network traffic and troubleshooting of overused network links.

      Project details

      ntopng is written in C++.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Network analysis
        • Troubleshooting

        ntopng review

        78

        Scapy

        Introduction

        Scapy can handle tasks like network scanning, tracerouting, probing, unit tests, attacks or network discovery. Due to its manipulation possibilities, Scapy can send invalid frames. It allows you also to inject custom 802.11 frames, or combine other attacking techniques.

        Project details

        Scapy is written in Python.

        Strengths and weaknesses

        • + More than 2000 GitHub stars
        • + The source code of this software is available
        • - Many provided pull requests are still open

        Typical usage

        • Network analysis
        • Security assessment

        Scapy review

        64

        THC IPv6 Attack Toolkit (thc-ipv6)

        Introduction

        Tools:
        - parasite6: ICMPv6 neighbor solitication/advertisement spoofer, puts you as man-in-the-middle, same as ARP MitM (and parasite)
        - alive6: an effective alive scanng, which will detect all systems listening to this address
        - dnsdict6: parallel DNS IPv6 dictionary brute-forcer
        - fake_router6: announce yourself as a router on the network, with the highest priority
        - redir6: redirect traffic to you intelligently (man-in-the-middle) with a clever ICMPv6 redirect spoofer
        - toobig6: mtu decreaser with the same intelligence as redir6
        - detect-new-ip6: detect new IPv6 devices which join the network, you can run a script to automatically scan these systems etc.
        - dos-new-ip6: detect new IPv6 devices and tell them that their chosen IP collides on the network (DOS).
        - trace6: very fast traceroute6 with supports ICMP6 echo request and TCP-SYN
        - flood_router6: flood a target with random router advertisements
        - flood_advertise6: flood a target with random neighbor advertisements
        - fuzz_ip6: fuzzer for IPv6
        - implementation6: performs various implementation checks on IPv6
        - implementation6d: listen daemon for implementation6 to check behind a firewall
        - fake_mld6: announce yourself in a multicast group of your choice on the net
        - fake_mld26: same but for MLDv2
        - fake_mldrouter6: fake MLD router messages
        - fake_mipv6: steal a mobile IP to yours if IPSEC is not needed for authentication
        - fake_advertiser6: announce yourself on the network
        - smurf6: local smurfer
        - rsmurf6: remote smurfer, known to work only against Linux targets at the moment
        - exploit6: known IPv6 vulnerabilities to test against a target
        - denial6: a collection of denial-of-service tests against a target
        - thcping6: sends a handcrafted ping6 packet
        - sendpees6: a tool by willdamn@gmail.com, which generates a neighbor solicitation requests with a lot of CGAs (crypto) to keep the CPU busy.

        Project details

        THC IPv6 Attack Toolkit is written in C.

        Strengths and weaknesses

        • + Project is mature (10+ years)
        • + The source code of this software is available

          Typical usage

          • Network analysis
          • Penetration testing
          • Security assessment

          THC IPv6 Attack Toolkit review

          Some relevant tool missing as an alternative to Yersinia? Please contact us with your suggestion.