It’s been over a year since sdnpwn was first released, and in that time there have been a lot of updates. In this post I’m going to give a quick overview of the newest latest to be added!
Fingerprinting OpenFlow SDN Controllers
This article looks at a few ways an SDN controller can be identified and how to use the sdnpwn controller-detect module.
When AppSec Meets NetSec: Attacking the SDN Controller Web UI
This article discusses XSS vulnerabilities found in the Floodlight and ONOS controllers. Exploits and mitigation strategies are provided.
Data Plane ARP Cache Poisoning
The Data Plane ARP Cache Poisoning attack explained.
Exploiting OpenDaylight CVE-2017-1000357 with sdnpwn
A description of CVE-2017-1000357 and how to exploit it using sdnpwn.
What is sdnpwn?
An article and tutorial on getting started with the sdnpwn penetration testing toolkit.
Setting up an SDN Testbed
Learn how to create an SDN testbed using Mininet and the Floodlight controller