I have used tools such GRC Shields-Up and ‘pentest-tools’, which test firewalling, check availability of services, look for common bugs and vulnerabilities, run nmaps and so forth.The problem is that some will only work on the ip address that your own current browser is using to talk to the site and don't give you an opportunity to put in an arbitrary target IP address eg GRC. Some do not work with literal numeric IPv6 addresses. For example pentest-tools let's you specify a target domain name but not an IPv6 address and seems to fail with a bogus error if a domain name is given that resolves to an IPv6 address.
btw I think stupid GRC has a design bug in it unless I have misunderstood. On one of the range of optional tests I get a feeling that it thinks that all users are using NAT, so that the src ip address that they are seeing will always be that of a router which is a nat translator, so they take the browser client src address and in some of the tests declare that they are testing your ‘router’ for router model-specific bugs and vulnerabilities when in fact they have no idea what your router’s address is, not unless they traceroute back to your box and stop one hop before but presumably that would be very unreliable - in any event what would they do if your router refuses to play nice with traceroute and chooses not to respond to ICMP? Obviously you are not running a web browser client inside your own default gateway. I somehow can't be bothered to frig up some strange temporary config for my Firebrick router to do NAT just for GRC.
To security-test my raspberry pi I need to be able to enter an ip address, and a testing service has to speak IPv6, since my box only has IPv6 addresses assigned to it (effectively, apart from possible bogus NATed RFC1918 IPv4 addresses which I am not sure about). It has a routable static ipv6 address anyway, and there is a domain name pointing to that.
Anyone know of a good tool on the internet?
Or a volunteer who has ipv6 and the right tools to attack it for me?
BTW Also, does anyone know how to burn the ipv4 addresses assigned to this linux box?
Perhaps I could run my own test tools, obtained from who knows where, coming from another Raspberry pi of my own?