performing-vlan-hopping-attack

Featured

Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments to test VLAN segmentation effectiveness and validate switch port security configurations against Layer 2 bypass attacks.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing VLAN Hopping Attack ## When to Use - Testing the effectiveness of VLAN-based network segmentation during authorized penetration tests - Validating that switch trunk port configurations prevent unauthorized VLAN access - Assessing whether 802.1Q tagging and native VLAN configurations resist double-tagging attacks - Demonstrating to network teams why proper switch hardening is critical for isolation between zones - Verifying that DTP (Dynamic Trunking Protocol) is disabled on all access ports **Do not use** on production switches without explicit authorization and change management approval, against critical infrastructure VLANs (SCADA, medical devices) without safety controls, or as a denial-of-service vector. ## Prerequisites - Written authorization specifying in-scope VLANs and switches for testing - Physical or virtual access to a switch access port on the target network - Yersinia, Scapy, and frogger VLAN hopping tools installed on Kali Linux - Understanding of 802.1Q trunking, DTP, and VLAN tagging at the frame level - Access to switch CLI for verification of configurations (read-only is sufficient) - Wireshark for capturing and verifying tagged frames > **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws. ## Workflow ### Step 1: Enumerate VLAN Configuration ```bash # Identify th...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

performing-arp-spoofing-attack-simulation

Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy to demonstrate man-in-the-middle risks, test network detection capabilities, and validate ARP inspection countermeasures.

12,642 Updated today
mukul975
AI & Automation Featured

configuring-network-segmentation-with-vlans

Designs and implements VLAN-based network segmentation on managed switches to isolate network zones, enforce access control between segments, and reduce the attack surface by limiting lateral movement paths in enterprise network environments.

12,642 Updated today
mukul975
AI & Automation Featured

exploiting-ipv6-vulnerabilities

Identifies and exploits IPv6-specific vulnerabilities including SLAAC spoofing, Router Advertisement flooding, and IPv6 tunneling during authorized assessments to test dual-stack security controls and IPv6-aware network defenses.

12,642 Updated today
mukul975
AI & Automation Featured

conducting-internal-network-penetration-test

Execute an internal network penetration test simulating an insider threat or post-breach attacker to identify lateral movement paths, privilege escalation vectors, and sensitive data exposure within the corporate network.

12,642 Updated today
mukul975
DevOps & Infrastructure Featured

exploiting-bgp-hijacking-vulnerabilities

Analyzes and simulates BGP hijacking scenarios in authorized lab environments to assess route origin validation, RPKI deployment, and BGP monitoring defenses against prefix hijacking and route leak attacks on internet routing infrastructure.

12,642 Updated today
mukul975