In this workshop a new all-in-one advanced IP testing framework will be publicly released and presented for first time. This framework, which is based on Scapy (and consequently on Python) incorporates several modules, such as an IPv6 network scanner, an IPv6 vulnerability scanner, an IPv6 proxy, as well as an easy-to-use IPv6 fuzzer. However, apart from these well-known IPv6 attack features already implemented in other magnificent open-source tools, the several modules of this framework will also be able to use some IDS/IPS or even firewall evasion techniques so as to test the effectiveness of the security devices on your environment. However, the most important advantage of this framework is that due to the use of Scapy and Python, it can be pretty easy for everybody, no matter what his previous programming experience is, to dive into the code, understand it, modify it, or even add new features by using just a few lines of code. So, while in Part A of this workshop the usage of this framework will be demonstrated, in Part B, after a brief introduction into Scapy, we all dive into the implemented code of this framework, examine how it works and discuss some tips and tricks regarding the IPv6 packet crafting implementation techniques. At the end of the day, the attendants of this workshop will be able not just to use yet another security framework, but they will also acquire the necessary background to modify and even to enhance the presented framework according to their needs. By doing so, they can go home, test their environment, find any IPv6 security issues and mitigate any risks associated with them. At the very end, we will all try to make the forthcoming IPv6 world a safer place!
Antonios Atlasis is an IT Security researcher with a special interest in IPv6 (in)securities. His work has been presented in several IT Security conferences and it has resulted in the discovery of various IPv6-related vulnerabilities. He is the author of Chiron, an IPv6 specialized and very flexible security assessment tool.