T50 Sukhoi PAK FA Mixed Packet Injector (f.k.a. F22 Raptor) is a tool designed to perform "Stress Testing". It is a powerful and an unique packet injection tool, that is capable of: 1. Send sequentially (i.e., ALMOST on the same time) the following protocols: - ICMP: Internet Control Message Protocol - IGMP: Internet Group Management Protocol - TCP: Transmission Control Protocol - UDP: User Datagram Protocol
2. Send an (quite) incredible amount of packets per second, making it a second to none tool: - More than 1,000,000 pps of SYN Flood (+50% of the networks uplink) in a 1000BASE-T Network (Gigabit Ethernet). - More than 120,000 pps of SYN Flood (+60% of the networks uplink) in a 100BASE-TX Network (Fast Ethernet). 3. Perform Stress Testing on a variety of network infrastructure, network devices and security solutions in place. 4. Simulate Denial-of-Service attacks, validating the Firewall rules and Intrusion Detection System/Intrusion Prevention System policies. Further information can be found @ http://fnstenv.blogspot.com (demo video and source code). PS: Yes, there are some "anti-kiddo" tricks, so, please, don't blame me for doing that... The new version of the "T50 Sukhoi PAK FA Mixed Packet Injector" (v5.2-NG) will be unleashed on "WEB Security Forum" (http://websecforum.com.br/evento/ / April 9th-10th 2011 / São Paulo, Brazil). The next release will include: 1. New License: It is still not licensed under GPL or any other common Open-source license, but the source code will be available and the use of any piece of source code for any free or commercial software is denied. 2. CIDR Support: Classless Inter-Domain Routing support for destination IP address, using a really tiny C algorithm. This would allow the "T50 Sukhoi PAK FA Mixed Packet Injector" to simulate DDoS in a laboratory environment. 001 netmask = ~(0xffffffff>>cidr); 002 hostid = (int)(pow(2,(32-cidr))-2); 003 __1st_host = (ntohl(addr)&netmask)+1; 004 __lst_host = (ntohl(addr)&netmask)+hostid; 3. TEN NEW Protocols: TEN (10) more protocols supported by "T50 Sukhoi PAK FA Mixed Packet Injector" (IGMPv3, EGP, DCCP, RSVP, RIPv1, RIPv2, GRE, ESP, AH and EIGRP). 4. Exotic Protocols: Advanced options and protocol crafting for EIGRP and GRE were added, allowing users to make any combination while using those exotic protocols. By the way, EIGRP is a proprietary protocol developed by CISCO Systems, Inc. 5. TCP Options Support: TCP Options (MSS, NOP, EOL, WSCALE, TSTAMP, T/TCP CC and SACK) are supported to improve the TCP protocol. 6. DATA Payload Support: The data payload support is back, and it can be rand or user defined. Best regards. Nelson Brito Security Researcher http://fnstenv.blogspot.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
