Home

Awesome

VPN arsenal

VPN pentest tools and scripts

Links

https://www.trustwave.com/Resources/SpiderLabs-Blog/Cracking-IKE-Mission-Improbable-(Part-1)/

https://www.trustwave.com/Resources/SpiderLabs-Blog/Cracking-IKE-Mission-Improbable-(Part-2)/

https://www.trustwave.com/Resources/SpiderLabs-Blog/Cracking-IKE-Mission-Improbable-(Part3)/

http://resources.infosecinstitute.com/vulnvpn/

https://insinuator.net/2013/08/vulnerabilities-attack-vectors-of-vpns-pt-1/

https://nohats.ca/wordpress/blog/2015/05/20/weakdh-and-ike-ipsec/

Fake VPN Server

http://www.roe.ch/FakeIKEd

Papers

http://www.sersc.org/journals/IJAST/vol8/2.pdf and

http://www.radarhack.com/dir/papers/Scanning_ike_with_ikescan.pdf

https://www.giac.org/paper/gcih/541/vpn-aggressive-mode-pre-shared-key-brute-force-attack/104625

https://www.ernw.de/download/pskattack.pdf

https://www.infosec.gov.hk/english/technical/files/vpn.pdf

https://www.nccgroup.trust/globalassets/newsroom/uk/blog/documents/2017/06-june/cisco-asa-episode-1-ikev1-exploit-web.pdf

CVE / Exploits

http://www.securiteam.com/securitynews/5EP0K00G1G.html

https://www.nccgroup.trust/uk/our-research/cisco-ipsec-vpn-implementation-group-name-enumeration/

https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2017/june/a-warcon-2017-presentation-cisco-asa-exploiting-the-ikev1-heap-overflow-cve-2016-1287/

https://blog.exodusintel.com/2016/02/10/firewall-hacking/

https://github.com/raghvenrda/pintu/blob/773a2237f9b3620a11d5a4db7702d272cc58273a/modules/auxiliary/scanner/ike/cisco_ike_benigncertain.rb

https://zerosum0x0.blogspot.ru/2016/09/reverse-engineering-cisco-asa-for.html

https://github.com/nixawk/pentest-wiki/blob/master/4.Post-Exploitation/How-to-hack-Cisco-ASA-with-CVE-2016-6366.md

https://www.rapid7.com/db/modules/auxiliary/admin/cisco/cisco_asa_extrabacon

https://github.com/RiskSense-Ops/CVE-2016-6366

https://www.exploit-db.com/exploits/39823/

https://github.com/adamcaudill/EquationGroupLeak/tree/master/Firewall/TOOLS/BenignCertain/benigncertain-v1110

http://blog.csdn.net/nixawk/article/details/52705184

Tools

http://ikecrack.sourceforge.net/

https://github.com/KMGbully/ikebrute

https://github.com/SpiderLabs/ikeforce

http://svn.unix-ag.uni-kl.de/vpnc/

Bruteforce

https://hashcrack.org/crackq/page?n=ike