exploiting-ipv6-vulnerabilities

Featured

Identifies and exploits IPv6-specific vulnerabilities including SLAAC spoofing, Router Advertisement flooding, and IPv6 tunneling during authorized assessments to test dual-stack security controls and IPv6-aware network defenses.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Exploiting IPv6 Vulnerabilities ## When to Use - Testing whether dual-stack networks have consistent security controls for both IPv4 and IPv6 traffic - Demonstrating risks from unmanaged IPv6 on networks where only IPv4 is officially supported - Exploiting SLAAC and Router Advertisement mechanisms to perform man-in-the-middle attacks via IPv6 - Testing IPv6-aware firewall rules and IDS/IPS detection for IPv6-specific attack patterns - Identifying IPv6 tunneling protocols (6to4, Teredo, ISATAP) that bypass IPv4-only security controls **Do not use** on production networks without written authorization, against systems where IPv6 disruption could cause safety issues, or for denial-of-service attacks against network infrastructure. ## Prerequisites - Written authorization specifying IPv6 testing scope and approved techniques - Kali Linux with THC-IPv6 toolkit, Scapy, and mitm6 installed - Network interface with IPv6 support on the target network segment - Understanding of IPv6 addressing, SLAAC, NDP, and Router Advertisements - Wireshark for capturing and analyzing IPv6 traffic ## Workflow ### Step 1: Enumerate IPv6 on the Network ```bash # Check if IPv6 is enabled on the local interface ip -6 addr show # Discover IPv6 hosts on the local link using multicast ping6 -c 3 ff02::1%eth0 # ff02::1 = all-nodes multicast address # Use alive6 from THC-IPv6 toolkit to discover hosts sudo alive6 eth0 # Scan for IPv6-enabled hosts with Nmap nmap -6 --script ipv6-multicast-mld-li...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

exploiting-smb-vulnerabilities-with-metasploit

Identifies and exploits SMB protocol vulnerabilities using Metasploit Framework during authorized penetration tests to demonstrate risks from unpatched Windows systems, misconfigured shares, and weak authentication in enterprise networks.

12,642 Updated today
mukul975
AI & Automation Featured

exploiting-vulnerabilities-with-metasploit-framework

The Metasploit Framework is the world's most widely used penetration testing platform, maintained by Rapid7. It contains over 2,300 exploits, 1,200 auxiliary modules, and 400 post-exploitation modules

12,642 Updated today
mukul975
DevOps & Infrastructure Featured

exploiting-bgp-hijacking-vulnerabilities

Analyzes and simulates BGP hijacking scenarios in authorized lab environments to assess route origin validation, RPKI deployment, and BGP monitoring defenses against prefix hijacking and route leak attacks on internet routing infrastructure.

12,642 Updated today
mukul975
AI & Automation Featured

exploiting-websocket-vulnerabilities

Testing WebSocket implementations for authentication bypass, cross-site hijacking, injection attacks, and insecure message handling during authorized security assessments.

12,642 Updated today
mukul975
AI & Automation Featured

scanning-network-with-nmap-advanced

Performs advanced network reconnaissance using Nmap's scripting engine, timing controls, evasion techniques, and output parsing to discover hosts, enumerate services, detect vulnerabilities, and fingerprint operating systems across authorized target networks.

12,642 Updated today
mukul975