It’s been over a year since sdnpwn was first released, and in that time there have been a lot of updates. In this post I’m going to give a quick overview of the newest latest to be added!
Fingerprinting OpenFlow SDN Controllers
This article looks at a few ways an SDN controller can be identified and how to use the sdnpwn controller-detect module.
When AppSec Meets NetSec: Attacking the SDN Controller Web UI
This article discusses XSS vulnerabilities found in the Floodlight and ONOS controllers. Exploits and mitigation strategies are provided.
Data Plane ARP Cache Poisoning
The Data Plane ARP Cache Poisoning attack explained.
What is sdnpwn?
An article and tutorial on getting started with the sdnpwn penetration testing toolkit.