[ad]
Yersinia is a network tool designed to take advantage of some weakeness in different network protocols. It pretends to be a solid framework for analyzing and testing the deployed networks and systems.
It’s a very useful for any network based penetration testing or vulnerability assessment. There isn’t many tools working on Layer 2 and this is ‘the’ one.
Attacks for the following network protocols are implemented (but of course you are free for implementing new ones):
- Spanning Tree Protocol (STP).
- Cisco Discovery Protocol (CDP).
- Dynamic Trunking Protocol (DTP).
- Dynamic Host Configuration Protocol (DHCP).
- Hot Standby Router Protocol (HSRP).
- 802.1q.
- Inter-Switch Link Protocol (ISL).
- VLAN Trunking Protocol (VTP).
Yersinia version 0.7 with 802.1x support has just been release, in addition to this lots of bugfixes and a new GTK interface.
The entire core has been redeveloped to support easy addition of new protocols and attacks, and with the new GTK interface the tool is ready for the masses.
You can download it directly here:
CG says
this book is using the tool to do some switch security
LAN Switch Security: What Hackers Know About Your Switches
http://www.informit.com/store/product.aspx?isbn=1587052563