dsniff

version: 2.5a2 arch: any

dsniff Homepage| Package Tracker| Source Code Repository
Edit this page

Metapackages

Tools:

Packages & Binaries

dsniff

LIGHT

DARK

Packages and Binaries:

dsniff

Various tools to sniff network traffic for cleartext insecurities
This package contains several tools to listen to and create network traffic:

arpspoof - Send out unrequested (and possibly forged) arp replies.
dnsspoof - forge replies to arbitrary DNS address / pointer queries on the Local Area Network.
dsniff - password sniffer for several protocols.
filesnarf - saves selected files sniffed from NFS traffic.
macof - flood the local network with random MAC addresses.
mailsnarf - sniffs mail on the LAN and stores it in mbox format.
msgsnarf - record selected messages from different Instant Messengers.
sshmitm - SSH monkey-in-the-middle. proxies and sniffs SSH traffic.
sshow - SSH traffic analyser.
tcpkill - kills specified in-progress TCP connections.
tcpnice - slow down specified TCP connections via “active” traffic shaping.
urlsnarf - output selected URLs sniffed from HTTP traffic in CLF.
webmitm - HTTP / HTTPS monkey-in-the-middle. transparently proxies.
webspy - sends URLs sniffed from a client to your local browser (requires libx11-6 installed).

Please do not abuse this software.

Installed size: 582 KB
How to install: sudo apt install dsniff

Dependencies:

libc6
libnet9
libnids1.21t64
libpcap0.8t64
libssl3t64
libtirpc3t64
libx11-6
libxmu6
openssl

arpspoof

Intercept packets on a switched LAN

root@kali:~# arpspoof --help
arpspoof: invalid option -- '-'
Version: 2.5a2
Usage: arpspoof [-i interface] [-c own|host|both] [-t target] [-r] host

dnsspoof

Forge replies to DNS address / pointer queries

root@kali:~# dnsspoof --help
dnsspoof: invalid option -- '-'
Version: 2.5a2
Usage: dnsspoof [-i interface] [-f hostsfile] [expression]

dsniff

Password sniffer

root@kali:~# dsniff --help
dsniff: invalid option -- '-'
Version: 2.5a2
Usage: dsniff [-cdamDNPCv] [-i interface | -p pcapfile] [-s snaplen]
              [-f services] [-t trigger[,...]]
              [pcap filter]
 -c         Half-duplex TCP stream assembly
 -a         Show duplicates
 -v         Verbose. Show banners
 -d         Enable debugging mode
 -D         Disable DPI. Only decode known ports.
 -m         Force DPI also on known ports (e.g. ignore /etc/services).
            For example, -m will detect SSH on port 443 (https).
 -C         Force color output even if not a TTY (disable color: dsniff|cat)
 -N         Resolve IP addresses to hostname
 -P         Enable promisc mode
 -t <...>   Force a decoding method for a specific port/protocol.
            Example: Decode IMAP on port 8143: -t 8143/tcp=imap
 -i <link>  Specify the interface to listen on
 -p <file>  Read from pcap file
 -s <len>   Analyze at most the first snaplen of each TCP connection [default: 1024]

 Example:
   dsniff -i eth0 -C >log.txt

filesnarf

Sniff files from NFS traffic

root@kali:~# filesnarf --help
filesnarf: invalid option -- '-'
Version: 2.5a2
Usage: filesnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]

macof

Flood a switched LAN with random MAC addresses

root@kali:~# macof --help
macof: invalid option -- '-'
Version: 2.5a2
Usage: macof [-s src] [-d dst] [-e tha] [-x sport] [-y dport]
             [-i interface] [-n times]

mailsnarf

Sniff mail messages in Berkeley mbox format

root@kali:~# mailsnarf --help
mailsnarf: invalid option -- '-'
Version: 2.5a2
Usage: mailsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]

msgsnarf

Sniff chat messages

root@kali:~# msgsnarf --help
msgsnarf: invalid option -- '-'
Version: 2.5a2
Usage: msgsnarf [-i interface | -p pcapfile] [[-v] pattern [expression]]

sshmitm

SSH monkey-in-the-middle

root@kali:~# sshmitm --help
sshmitm: invalid option -- '-'
Version: 2.5a2
Usage: sshmitm [-d] [-I] [-p port] host [port]

sshow

SSH traffic analysis tool

root@kali:~# sshow --help
sshow: invalid option -- '-'
Usage: sshow [-d] [-i interface | -p pcapfile]

tcpkill

Kill TCP connections on a LAN

root@kali:~# tcpkill --help
tcpkill: invalid option -- '-'
Version: 2.5a2
Usage: tcpkill [-i interface] [-1..9] expression

tcpnice

Slow down TCP connections on a LAN

root@kali:~# tcpnice --help
tcpnice: invalid option -- '-'
Version: 2.5a2
Usage: tcpnice [-A] [-I] [-M] [-i interface] expression

urlsnarf

Sniff HTTP requests in Common Log Format

root@kali:~# urlsnarf --help
urlsnarf: invalid option -- '-'
Version: 2.5a2
Usage: urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]

webmitm

HTTP / HTTPS monkey-in-the-middle

root@kali:~# webmitm --help
webmitm: invalid option -- '-'
Version: 2.5a2
Usage: webmitm [-d] [host]

webspy

Display sniffed URLs in Netscape in real-time

root@kali:~# webspy --help
webspy: invalid option -- '-'
Version: 2.5a2
Usage: webspy [-i interface | -p pcapfile] host

Updated on: 2025-Dec-09

Edit this page

dscan dufflebag