DSniff

DSniff is a collection of handy tools designed to help with network auditing and penetration testing. It includes tools like dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy. These tools passively keep an eye on the network for interesting data like passwords, emails, and files.

Network Traffic Interception

With arpspoof, dnsspoof, and macof, you can intercept network traffic that you normally wouldn’t have access to because of layer-2 switching. For instance, sshmitm and webmitm can perform active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by taking advantage of weak spots in the ad-hoc PKI.

The Purpose Behind DSniff Tools

I created these tools with good intentions - to audit my own network and show how insecure many network application protocols can be. Please remember not to misuse this software!

A Closer Look at Individual Tools

arpspoof:

This tool redirects packets from a target host (or all hosts) on the LAN meant for another local host by forging ARP replies. It’s super effective at sniffing traffic on a switch! Just make sure kernel IP forwarding is turned on first.

dnsspoof:

This one forges replies to any DNS address or pointer queries on the LAN. It’s great for bypassing hostname-based access controls or pulling off various man-in-the-middle attacks like HTTP or SSH.

dsniff:

This password sniffer handles everything from FTP to Telnet and even some database connections! It automatically detects each application protocol, saves the juicy bits using Berkeley DB as its output file format while logging unique authentication attempts.

filesnarf:

This tool saves chosen files sniffed from NFS traffic right into your current working directory!

Your Go-To Sniffing Companion!

If you're curious about downloading these awesome tools, check out this link. It's a great way to start your journey into network auditing!