sdnpwn - An SDN Penetration Testing Toolkit

The Open Networking Foundation defines SDN as “The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices”. What this means is that the decision making which would traditionally be performed by a router or a switch (i.e. forwarding decisions), is moved to a central device known as a controller. Routers and switches become generic forwarding devices (also known simply as ‘switches’). These forwarding devices, or switches, communicate with the controller at the Southbound Interface (SBI) in order to receive instructions on how to forward network traffic. Applications may communicate with the controller at the Northbound Interface (NBI) to receive network statistics or influence traffic forwarding decisions.

sdnpwn is a toolkit and framework for testing the security of Software-Defined Networks (SDNs). 

First download sdnpwn using git
git clone
Make the and scripts executable
sudo chmod +x
sudo chmod +x
The script takes care installing software required for sdnpwn to function. Just run ./ and follow the instructions.
sudo ./

Functionality in sdnpwn is divided into different modules. Each attack or attack type is available from a certain module.
Modules can be executed like so:
./ <module name> <module options>
The mods module can be used to list all available modules:
./ mods
More information about a certain module can be accessed using the info module:
./ info mods
The above command would retrieve more information about the mods module, such as a description and available options.

Further Information
Check out for articles and tutorials on using various sdnpwn modules and the attacks they use.

sdnpwn - An SDN Penetration Testing Toolkit sdnpwn - An SDN Penetration Testing Toolkit Reviewed by Zion3R on 6:23 PM Rating: 5