Exploiting BGP Hijacking Vulnerabilities

When to Use

• Assessing an organization's exposure to BGP prefix hijacking and route leak attacks
• Testing RPKI (Resource Public Key Infrastructure) deployment and route origin validation effectiveness
• Validating BGP monitoring and alerting systems detect unauthorized route announcements
• Simulating BGP hijacking in isolated lab environments to train network operations teams
• Evaluating ISP prefix filtering and route origin authorization (ROA) configurations

Do not use to perform actual BGP hijacking on the live internet, against BGP peers without authorization, or to disrupt real internet routing infrastructure. BGP attacks on production systems are illegal and can cause widespread internet outages.

Prerequisites

• Isolated BGP lab environment using GNS3, EVE-NG, or Containerlab with virtual routers (FRRouting, BIRD, or Cisco IOS)
• Understanding of BGP path attributes, AS path, prefix announcements, and route selection
• Access to BGP looking glass servers and RPKI validators for monitoring real-world route status
• bgpstream, RIPEstat, and BGPalerter tools for route monitoring
• Written authorization for any testing that involves real AS numbers or prefix announcements