Which network security penetration testing tools support IPv6? What caveats should you know about the ones that do support IPv6?
Recently the team as security firm ERNW published their December 2014 newsletter with the headline “Penetration Testing Tools that (do not) Support IPv6” where they took a lengthy tour through a wide range of security tools to assess their IPv6 readiness. As they say in their introduction, their goals were to:
- Find out which of our favorite penetration testing tools can be used natively using IPv6 as an underlying layer-3 protocol.
- Find alternative solutions for the rest
They specifically only tested open source or free versions of commercial tools and did not test IPv6-specific tools. They were seeking to understand which of the commonly available current (IPv4) test tools also worked well with IPv6.
The bulk of the document (pages 9-51) consists of walk-throughs of exploration of each of the various tools in different categories. They examine the tool, provide screenshots in many cases and then state a conclusion about how well or not the tool supports IPv6.
What I personally found most useful was section 15, the Appendix, starting on page 56 that provided a table view with a list of all the tools tested and a quick summary of how well (or not) the tool supported IPv6.
If you are interested in security testing and specifically for IPv6 networks, this document is definitely worth a read!
And if you are new to IPv6 and want to learn more, please visit our Start Here page to find resources targeted at your role or type of organization.