What is Bettercap?
How It is better than Ettercap.
- ettercap was a great tool, but it made its time.
- We've found ettercap filters to simple not work in many cases as they are outdated and also haven't been maintained as there aren't as many low-level C programmers interested in maintaining it.
- ettercap is freaking unstable on big networks ... If you've tried to use ettercap's host discovery feature on any large network you'll see it simply can't scale well.
- yeah you can see connections and raw pcap stuff, nice toy, but as a professional researcher I want to see only relevant stuff.
- unless you're a C/C++ developer, you can't easily extend ettercap or make your own module.
Stable Release ( GEM )
gem install bettercap
git clone https://github.com/evilsocket/bettercap cd bettercap gem build bettercap.gemspec sudo gem install bettercap*.gem
sudo apt-get install ruby-dev libpcap-devHow is it possible?
Features of Bettercap.
Dynamic Host Discovery + ARP Spoofing
- URLs being visited.
- HTTPS host being visited.
- HTTP POSTed data.
- HTTP Basic and Digest authentication.
- FTP credentials.
- IRC credentials.
- POP, IMAP and SMTP credentials.
- NTLMv1/v2 ( HTTP, SMB, LDAP, etc ) credentials.
Modular Transparent Proxy
Built in HTTP Server
Installation guide => http://www.bettercap.org/install/
Features and How to use => http://www.bettercap.org/features/