Skip to content

Network sniffing automation with Bettercap as rogue AP or as client in your network

License

Notifications You must be signed in to change notification settings

90N45-d3v/BetterSniff

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

53 Commits
 
 
 
 
 
 
 
 

Repository files navigation

154769341-1c379aeb-c39e-4c53-9344-8ef8c85b7b92

With this script you can host an access point with create_ap by @oblique and sniff all traffic with Bettercap automatically. If you are connected to an existing network and want to sniff some traffic there, you can do that too.

Features

  • Sniff domains your victim is visiting/pinging (full path location if request is not encrypted with SSL/TLS)
  • Sniff unencrypted credentials from sources like telnet, SMTP or FTP
  • Inject customizable javascript into every http website
  • Sniffed traffic will be logged for later analysis
  • Probe-request scanner (only rogue AP mode)
  • Create configurable AP (only rogue AP mode)
  • ARP-spoofing for beeing the mitm (only client mode)

Installation

For me it works like a charm on kali (all needed tools are preinstalled). If you want to run it for example on a raspberry pi with a debian based system, it should work too. Now the installation guide:

git clone https://github.com/90N45-d3v/BetterSniff.git
cd BetterSniff
sudo bash requirements.sh
# and run it!
sudo bash BetterSniff.sh

Analyze your traffic later

If you sniffed some traffic with BetterSniff once, there will be a loot file (loot.pcap) for later analysis. You can take a look at the sniffed traffic with following commands:

# start bettercap
sudo bettercap
# set loot.pcap as source for net.sniff
set net.sniff.source loot.pcap
# take a look at it
net.sniff on

Working on...

  • New mode: EvilTwin (clone existing WPA2-AP)
  • Settings for easily handling the mapping of domains to a custom IP address (Bettercap's DNS spoofer)
  • deauth for more probe-requests (only rogue AP mode)

Some information

I know, that this code could be better. If you have some improvements, errors or other things to say, just make a fork, pull-request, open an issue or contact me on twitter @90N45.

Releases

No releases published

Packages

No packages published

Languages