u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h

Please click our sponsor

Sniffers

dsniff-1.1.tar.gz
Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. urlsnarf outputs all requested URL's from HTTP traffic. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Homepage here. By Dug Song

dsniff-1.2.tar.gz
Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. Urlsnarf outputs all requested URL's from HTTP traffic. Webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Changes: Ported to FreeBSD, Add NFS mount parsing / RPC framework to dsniff, Add -i flag to specify interface to use. Homepage here. By Dug Song

dsniff-1.3.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Addition of Berkeley db output file format to dsniff, as well as restricting logging to unique auth info, new tcpkill program, new dsniff manpage, DNS lookups in dsniff and urlsnarf, addition of HTTP Basic Authentication, Referer, and User-Agent logging to urlsnarf, improved RPC message parsing in dsniff, improved SMTP parsing in mailsnarf, improved HTTP 1.x parsing in dsniff, urlsnarf, and webspy. fixes for IMAP, Rlogin, Telnet option parsing in dsniff, and addition of X11 MIT-MAGIC-COOKIE parsing to dsniff. Homepage here. By Dug Song

dsniff-1.4.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. tcpnice slows down specified in-progress TCP connections via "active" traffic shaping (useful for sniffing fast networks). forges tiny TCP window advertisements, and optionally ICMP source quench replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: New tcpnice program (Slows down traffic in a network via "active" tcp shaping. Added HTTP proxy support in dsniff, urlsnarf, webspy. Fixed mailsniff mbox formatting of ^From in message body, added NNTP processing to dsniff, and added the -v (verbose) flag to tcpkill and tcpnice. Homepage here. By Dug Song

dsniff-1.5.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: HTTP proxy fixes, manpages, telnet fix. Homepage here. By Dug Song

dsniff-1.6.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Added parsing for Napster, AIM, ICQ (v2, v5), and CVS pserver. Now supports more non-glibc Linux systems missing ether_ntoa(). Unique HTTP authentication information by directory is now supported. dsniff now skips IMAP command tag, and doesn't rely on /etc/services. Homepage here. By Dug Song

dsniff-1.7.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Dsniff can now parse Microsoft SMB, Citrix ICA, Oracle SQL*Net (v2/Net8), and LDAP. Other small bugfixes and improvments were made. Homepage here. By Dug Song

dsniff-1.8.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Added SOCKS parsing, pcanywhere parsing, SMB parsing, IRC parsing, and NAI sniffer parsing to dsniff. Homepage here. By Dug Song

dsniff-2.0.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Major dsniff rewrite! Add configurable decode triggers and debug traps to dsniff, rewrote dsniff RPC framework, added portmap, NFS, mountd, PostgreSQL, Meeting Maker, poppass, RIP, OSPF parsing dsniff decoders. Made dsniff savefile format portable, fixed RSET handling in mailsnarf. Homepage here. By Dug Song

dsniff-2.1.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Add -c flag to specify half-duplex TCP stream reassembly in dsniff (better support for sniffing off switched ports using arpredirect), fixed OSPF parsing in dsniff, fixed webspy URL ignoring. Homepage here. By Dug Song

dsniff-2.2.tar.gz
dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: New filesnarf program which saves files sniffed from network file system traffic, Rewrote HTTP decoding in dsniff, Alpha platform support, Fixed arp discovery in arpredirect on Linux, Added -m flag to enable automatic protocol detection in dsniff (based on the classic file(1) command), Added TDS (Sybase, Microsoft SQL Server) parsing to dsniff, and Added regular expression matching and POP support to mailsnarf. Homepage: http://www.monkey.org/~dugsong/. By Dug Song

Sniffers
dsniff-1.1.tar.gz	Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. urlsnarf outputs all requested URL's from HTTP traffic. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Homepage here. By Dug Song
dsniff-1.2.tar.gz	Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. Urlsnarf outputs all requested URL's from HTTP traffic. Webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). Changes: Ported to FreeBSD, Add NFS mount parsing / RPC framework to dsniff, Add -i flag to specify interface to use. Homepage here. By Dug Song
dsniff-1.3.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Addition of Berkeley db output file format to dsniff, as well as restricting logging to unique auth info, new tcpkill program, new dsniff manpage, DNS lookups in dsniff and urlsnarf, addition of HTTP Basic Authentication, Referer, and User-Agent logging to urlsnarf, improved RPC message parsing in dsniff, improved SMTP parsing in mailsnarf, improved HTTP 1.x parsing in dsniff, urlsnarf, and webspy. fixes for IMAP, Rlogin, Telnet option parsing in dsniff, and addition of X11 MIT-MAGIC-COOKIE parsing to dsniff. Homepage here. By Dug Song
dsniff-1.4.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. tcpnice slows down specified in-progress TCP connections via "active" traffic shaping (useful for sniffing fast networks). forges tiny TCP window advertisements, and optionally ICMP source quench replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: New tcpnice program (Slows down traffic in a network via "active" tcp shaping. Added HTTP proxy support in dsniff, urlsnarf, webspy. Fixed mailsniff mbox formatting of ^From in message body, added NNTP processing to dsniff, and added the -v (verbose) flag to tcpkill and tcpnice. Homepage here. By Dug Song
dsniff-1.5.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: HTTP proxy fixes, manpages, telnet fix. Homepage here. By Dug Song
dsniff-1.6.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Added parsing for Napster, AIM, ICQ (v2, v5), and CVS pserver. Now supports more non-glibc Linux systems missing ether_ntoa(). Unique HTTP authentication information by directory is now supported. dsniff now skips IMAP command tag, and doesn't rely on /etc/services. Homepage here. By Dug Song
dsniff-1.7.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Dsniff can now parse Microsoft SMB, Citrix ICA, Oracle SQL*Net (v2/Net8), and LDAP. Other small bugfixes and improvments were made. Homepage here. By Dug Song
dsniff-1.8.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Added SOCKS parsing, pcanywhere parsing, SMB parsing, IRC parsing, and NAI sniffer parsing to dsniff. Homepage here. By Dug Song
dsniff-2.0.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Major dsniff rewrite! Add configurable decode triggers and debug traps to dsniff, rewrote dsniff RPC framework, added portmap, NFS, mountd, PostgreSQL, Meeting Maker, poppass, RIP, OSPF parsing dsniff decoders. Made dsniff savefile format portable, fixed RSET handling in mailsnarf. Homepage here. By Dug Song
dsniff-2.1.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: Add -c flag to specify half-duplex TCP stream reassembly in dsniff (better support for sniffing off switched ports using arpredirect), fixed OSPF parsing in dsniff, fixed webspy URL ignoring. Homepage here. By Dug Song
dsniff-2.2.tar.gz	dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time. Changes: New filesnarf program which saves files sniffed from network file system traffic, Rewrote HTTP decoding in dsniff, Alpha platform support, Fixed arp discovery in arpredirect on Linux, Added -m flag to enable automatic protocol detection in dsniff (based on the classic file(1) command), Added TDS (Sybase, Microsoft SQL Server) parsing to dsniff, and Added regular expression matching and POP support to mailsnarf. Homepage: http://www.monkey.org/~dugsong/. By Dug Song