๐bettercap
Bettercap is a Swiss Army knife for network attacks and monitoring. It enables attackers to perform various tasks, such as sniffing and spoofing.
Bettercap is a versatile and powerful open-source security tool that is used by security professionals to test network security and perform security assessments. It is built on top of the popular packet sniffing and manipulation tool, libpcap, and provides a modular framework that enables developers to create their own plugins or modules to extend its functionality.
Bettercap can be used to perform various types of network attacks and analyze network traffic. Its features include network sniffing, ARP spoofing, DNS spoofing, SSL stripping, session hijacking, and packet injection capabilities. With these features, Bettercap can be used to detect and intercept network traffic, spoof network traffic, and inject arbitrary packets into the network.
One of the primary uses of Bettercap is for penetration testing and vulnerability assessment. It can be used to detect vulnerabilities in network devices, services, and applications, as well as to test the effectiveness of security controls such as firewalls, intrusion detection systems, and antivirus software. It can also be used to simulate attacks and test the effectiveness of security incident response plans.
Another use case for Bettercap is for network monitoring and troubleshooting. It can be used to analyze network traffic and identify performance issues, network bottlenecks, and other network-related problems. It can also be used to monitor network activity and detect unusual or malicious behavior.
Bettercap is available for Linux, macOS, and Windows platforms, and can be installed using package managers such as apt, homebrew, or chocolatey, or directly from the source code on GitHub. It has a command-line interface and supports a wide range of network protocols, including ARP, DNS, DHCP, HTTP, and others.
While Bettercap is a powerful tool for testing network security, it can also be used maliciously. Therefore, it should only be used by authorized personnel who have obtained the necessary permissions to perform security assessments or penetration testing. Additionally, it is important to use Bettercap in a responsible and ethical manner and to respect the privacy and security of others.
bettercap Usage Example
Scan the system in quiet mode (-Q) and output in cronjob format (โcronjob):
Packages and Binaries:
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
Main Features:
WiFi networks scanning, deauthentication attack, clientless PMKID association attack and automatic WPA/WPA2 client handshakes capture.
Bluetooth Low Energy devices scanning, characteristics enumeration, reading and writing.
2.4Ghz wireless devices scanning and MouseJacking attacks with over-the-air HID frames injection (with DuckyScript support).
Passive and active IP network hosts probing and recon.
ARP, DNS, NDP and DHCPv6 spoofers for MITM attacks on IPv4 and IPv6 based networks.
Proxies at packet level, TCP level and HTTP/HTTPS application level fully scriptable with easy to implement javascript plugins.
A powerful network sniffer for credentials harvesting which can also be used as a network protocol fuzzer.
A very fast port scanner.
A powerful REST API with support for asynchronous events notification on websocket to orchestrate your attacks easily.
A very convenient web UI.
This package contains a Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks.
Installed size: 24.05 MB
How to install: sudo apt install bettercap
bettercap
Updated on: 2023-Mar-08
Last updated