fragrouter

Fragrouter is designed as an IDS evasion toolkit, enabling users to perform IP fragmentation attacks that can evade network intrusion detection systems. By breaking packets into specific fragment patterns, it exploits weaknesses in how IDS reassemble and inspect fragmented traffic.

Use cases include penetration testing, security research, and validating IDS configurations against fragmentation-based evasion techniques. It forwards traffic through different attack modes that alter fragment order, size, and duplication to simulate real-world evasion scenarios.

The tool is particularly useful in controlled environments where testers need to demonstrate potential blind spots in monitoring solutions. Its lightweight installation and straightforward interface make it accessible for network security professionals.

Fragrouter operates by intercepting network traffic on a specified interface and applying IP fragmentation transformations based on selected attack modes. It supports techniques like ordered fragments of fixed byte sizes (8-byte or 16-byte), out-of-order delivery, duplicates, and marking the last fragment first. These manipulations disrupt reassembly processes in IDS, causing dropped or misidentified packets. Additional options control interface selection, promiscuous mode, and hop manipulation for advanced routing evasion.