Bettercap - a Complete, Modular, Portable and Easily Extensible MITM Framework.
Today I want to present my last project called bettercap.
Bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack.
MOTIVATIONS
Yet another MITM tool? C'mon, really?!!?This is exactly what you are thinking right now, isn’t it? :D
But allow yourself to think about it for 5 more minutes … what you should be really asking is:
Does a complete, modular, portable and easy to extend MITM tool actually exist?If your answer is “ettercap”, let me tell you something:
- ettercap was a great tool, but it made its time.
- ettercap filters do not work most of the times, are outdated and hard to implement due to the specific language they’re implemented in.
- ettercap is freaking unstable on big networks … try to launch the host discovery on a bigger network rather than the usual /24 ;)
- yeah you can see connections and raw pcap stuff, nice toy, but as a professional researcher I want to see only relevant stuff.
- unless you’re a C/C++ developer, you can’t easily extend ettercap or make your own module.
Indeed you could use more than just one tool … maybe arpspoof to perform the actual poisoning, mitmproxy to intercept HTTP stuff and inject your payloads and so forth … I don’t know about you, but I hate when I need to use a dozen of tools just to perform one single attack, especially when I need to do some black magic in order to make all of them work on my distro or on OSX … what about the KISS principle?
So bettercap was born ( isn’t the name pure genius? XD ).
You can find infos on the project on the official website or on its github repository.
Enjoy!