About Fi6S[Click to get the tool installation package]
Fi6S is a powerful and efficient IPv6 port scanning tool that runs very fast and supports asynchronous sending and processing of raw data packets to achieve its functionality. The design principles and goals of this tool are very similar to Masscan, and it is currently under active development, with more advanced features to be added in future versions.
Tool installation
Since this tool is developed based on C language, we first need to install and configure the C program compilation tool on the local device, such as the latest version of Visual Studio. Next, researchers can use the following command to clone the project source code locally:
git clone https://github.com/sfan5/fi6s.git
Code building/compiling
The tool's code construction in most Linux operating systems is very simple. Next, we take Ubuntu as an example.
After cloning the project code locally, switch to the project directory in the command line terminal, and then run the following commands to complete other components required for code compilation:
cd fi6s/
apt install gcc make git libpcap-dev
Now, run the following commands to compile and build the code:
make BUILD_TYPE=release
At this point, we will be able to find the built Fi6S scanner executable file under the ./fi6s path.
It should be noted that Fi6S has only been fully tested on the Linux operating system and theoretically supports running on other UNIX-like platforms.
Tool usage
The tool is very simple to use. Fi6S will try to automatically perform scanning and detection tasks on the target, such as data sources, router MAC addresses, source IP addresses, etc.:
# ./fi6s -p 80,8000-8100 2001:db8::/120
The above command will perform the following tasks:
1. Scan the 2001:db8::/120 subnet (256 addresses in total);
2. Scan TCP ports 80 and 8000-8100 (102 ports in total);
3. Send as many data packets as possible per second;
4. Output the scan results in list format;
The tool also provides many different ways to specify the address range to be scanned. Use --print-hosts to print all IP addresses, or use --print-summary to get a quick overview of the scan.
Use the fi6s --help command to view more advanced function options and command parameters of the tool.
Banner acquisition
We can use the --banners option to get Banner:
# ip6tables -A INPUT -p tcp -m tcp --dport 12345 -j DROP
# ./fi6s -p 22 --banners --source-port 12345 2001:db8::xx
UDP
UDP scanning does not require dropping packets before they reach the operating system stack, but it is still needed to avoid flooding of ICMPv6 unreachable responses. At this time we only need to provide an additional –udp option:
# ip6tables -A INPUT -p udp -m udp --dport 12345 -j DROP
# ./fi6s -p 53 --banners --udp --source-port 12345 2001:db8::xx
It should be noted that, unlike TCP, in UDP scenarios you will only get useful (or any) results by scanning the ports that Fi6S supports its protocol. At this point, you can use --list-protocals to view the list of available protocols.
License Agreement
This project is developed and released under theGNU open source license agreement.
project address
Fi6S:【GitHub@问门】
References
https://github.com/robertdavidgraham/masscan
As long as you like my article today, my private network security learning materials will be shared with you for free. Come and see what is available.
Network security learning resource sharing:
Finally, I would like to share with you a complete set of network security learning materials that I have studied myself. I hope it will be helpful to friends who want to learn network security!
Getting Started with Zero Basics
For students who have never been exposed to network security, we have prepared a detailed learning and growth roadmap for you. It can be said to be the most scientific and systematic learning route. It will be no problem for everyone to follow this general direction.
1. Learning roadmap
There are a lot of things to learn about attack and defense. I have written down the specific things you need to learn in the road map above. If you can learn them all, you will have no problem taking on private work.
2. Video tutorial
Although there are many learning resources on the Internet, they are basically incomplete. This is a video tutorial on network security that I recorded myself. I have accompanying video explanations for every knowledge point in the roadmap above. [Click to receive the video tutorial]
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF and digging SRC vulnerabilities. There are also more than 200 e-books[Click to receive it Technical Documentation]
(They are all packaged into one piece and cannot be expanded one by one. There are more than 300 episodes in total)
3. Technical documents and e-books
I also compiled the technical documents myself, including my experience and technical points in participating in large-scale network security operations, CTF and digging SRC vulnerabilities. There are also more than 200 e-books[Click to receive it Books]
4. Toolkit, interview questions and source code
"If you want to do your job well, you must first sharpen your tools." I have summarized dozens of the most popular hacking tools for everyone. The scope of coverage mainly focuses on information collection, Android hacking tools, automation tools, phishing, etc. Interested students should not miss it.
Finally, here are the interview questions about network security that I have compiled over the past few years. If you are looking for a job in network security, they will definitely help you a lot.
These questions are often encountered when interviewing Sangfor, Qi Anxin, Tencent or other major companies. If you have good questions or good insights, please share them.
Reference analysis: Sangfor official website, Qi’anxin official website, Freebuf, csdn, etc.
Content features: Clear organization and graphical representation to make it easier to understand.
Summary of content: Including intranet, operating system, protocol, penetration testing, security service, vulnerability, injection, XSS, CSRF, SSRF, file upload, file download, file inclusion, XXE, logical vulnerability, tools, SQLmap, NMAP, BP, MSF…
Due to limited space, only part of the information is displayed. You need to click the link below to obtain it
CSDN gift package: "Hacker & Network Security Introduction & Advanced Learning Resource Package" Share for free