exploiting-ipv6-vulnerabilities
Installation
SKILL.md
Exploiting IPv6 Vulnerabilities
When to Use
- Testing whether dual-stack networks have consistent security controls for both IPv4 and IPv6 traffic
- Demonstrating risks from unmanaged IPv6 on networks where only IPv4 is officially supported
- Exploiting SLAAC and Router Advertisement mechanisms to perform man-in-the-middle attacks via IPv6
- Testing IPv6-aware firewall rules and IDS/IPS detection for IPv6-specific attack patterns
- Identifying IPv6 tunneling protocols (6to4, Teredo, ISATAP) that bypass IPv4-only security controls
Do not use on production networks without written authorization, against systems where IPv6 disruption could cause safety issues, or for denial-of-service attacks against network infrastructure.
Prerequisites
- Written authorization specifying IPv6 testing scope and approved techniques
- Kali Linux with THC-IPv6 toolkit, Scapy, and mitm6 installed
- Network interface with IPv6 support on the target network segment
- Understanding of IPv6 addressing, SLAAC, NDP, and Router Advertisements
- Wireshark for capturing and analyzing IPv6 traffic