Package dsniff

Tools for network auditing and penetration testing

A collection of tools for network auditing and penetration testing. Dsniff,
filesnarf, mailsnarf, msgsnarf, urlsnarf and webspy allow to passively monitor
a network for interesting data (passwords, e-mail, files). Arpspoof, dnsspoof
and macof facilitate the interception of network traffic normally unavailable
to an attacker (e.g, due to layer-2 switching). Sshmitm and webmitm implement
active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions
by exploiting weak bindings in ad-hoc PKI.

System Administration
Command Description
arpspoof intercept packets on a switched LAN
dnsspoof forge replies to DNS address / pointer queries
dsniff password sniffer
filesnarf sniff files from NFS traffic
macof flood a switched LAN with random MAC addresses
mailsnarf sniff mail messages in Berkeley mbox format
msgsnarf sniff chat messages
sshmitm SSH monkey-in-the-middle
sshow SSH traffic analysis tool
tcpkill kill TCP connections on a LAN
tcpnice slow down TCP connections on a LAN
urlsnarf sniff HTTP requests in Common Log Format
webmitm HTTP / HTTPS monkey-in-the-middle
webspy display sniffed URLs in Netscape in real-time