Ettercap
Ettercap is a comprehensive suite that helps users stay away from attacks during live connections or content filtering. The solution includes many networks and host analysis features and comes with active and passive dissection of many protocols. IT runs on various operating systems such as Unix, Linux, Mac OS X, etc. and is capable of intercepting traffic on a network segment. The solution allows users to capture passwords conduct active eavesdropping against several common protocols.
It comes with SSH1 support and allows users to sniff the username and password of other users through the same connection, and it can sniff a complete SSH connection in full-duplex. Ettercap helps in keeping their data secure through HTTPS support even when the connection is made through a proxy. It has various password collectors such as TELNET, FTP, POP, IMAP, etc. It helps users to determine the operating system of the victim through OS fingerprinting.
Ettercap Alternatives
#1 SmartSniff
SmartSniff is a networking monitoring tool that allows users to capture TCP packets that cover the network adapter which users are using and capture the data between users and servers. The tool enables users to view the TCP conversations in Ascii mode and provides different methods to capture the TCP packets.
It can go with any operating as long as they have a WinPcap capture driver installed on the system. The Raw sockets feature allows users to capture TCP packets on the network without installing a capture driver. It enables users to capture data from unsecured wireless networks, but this works only on some operating systems.
The tool helps users to view the information of the selected network adapter in the window title. Users can automatically add or remove the tool from the program list when they start capturing the data. Users only have to select the capture method and network adapter, and after performing functions on it, SmartSniff displays all the results in the window.
#2 Netcat
Netcat is a utility tool that helps users in reading and writing data across network connections with the help of a TCP protocol. The software is designed to be a backend tool that users can directly drive by other scripts. As the tool can create any kind of connection, it offers feature-rich network debugging and exploration tool.
The solution comes with outbound and inbound connections with TCP and its tunneling mode offers the possibility of all network parameters. It supports almost every other operating system with some modifications in them before its installation. The tool comes with advanced usage options such as buffered send-mode and Hexdump features.
The tool helps the network and system administrators to identify how their networks are performing, and they can receive an alert if any unusual activity is witnessed by the tool. It can scan ports when it is trying to diagnose a network or performance issue.
#3 Colasoft Capsa
Colasoft Capsa is a utility tool that helps in monitoring, analyzing, and troubleshooting the wired and wireless networks. This portable network performance analysis and diagnostics tool offer powerful packet capture and analysis solution with an easy-to-use interface to protect and monitor networks. It keeps users alert about the threats in the network, which can cause damage to business operations.
The tool comes with VoIP analysis, which helps in capturing and analyzing VoIP calls and troubleshoots VoIP-based networks. It comes with a task scheduler that helps users to run packet capture at a pre-defined time. The solution provides a TCP flow analysis feature that works on revealing information to troubleshoot a slow network.
Colasoft Capsa accurately detects DDoS attacks and locates the source and target of such attacks in real-time. It monitors network traffic and its bandwidth and helps in understanding what is happening in the network. Colasoft Capsa automatically detects the problems and suggests solutions for it.
#4 Ethereal
Ethereal is a packet sniffer that comes as one of the best security and network troubleshooting tools and runs on both Windows and Linux. The tool enables users to see what is happening on their network at a microscopic level. It helps users to perform deep inspection of hundreds of protocols, and users can add more networks for checking.
Users can capture data in real-time and can perform analysis offline. The tool offers a rick VoIP analysis and comes with powerful display filters in the industry. The captured data on the tool can be browser by using a GUI or TTY mode.
The tool enables users to decompress the gzip files that they have captured, and users can read live data from Ethernet. It offers many different capturing file formats such as Pcap NG, NetXray, etc. Users can apply coloring rules to the packet list, and they can export output to XML or PostScript format.
#5 Intercepter-NG
Intercepter-NG is a sniffer application that helps users to spy on other devices which are using the same network connection. The term used for the software is auditing networks, but it is more like stealing passwords and information from other users. It allows users to check whether their network connection is safe or not and to check if there are any intruders connected to block their work. Intercepter-NG enables users to view all the data which is being transmitted by other people using the same network.
Users can analyze this data, store it, or modify it for their use. The tool works easily on unencrypted data and can download it directly from the platform. Users can extract passwords that people use for login purposes into different websites and social media platforms. The tool kills the cookies in the other people’s system to add their username and password again, which helps the users steal it without any hint to them.
#6 NetworkMiner
NetworkMiner is an open-source Network Forensic Analysis Tool for Windows, which users can use as a pacific network packet capturing tool to detect operating systems. The tool allows users to detect hostnames, sessions, open ports, etc. without putting any traffic on the network. It offers an intuitive user interface that enables users to perform advanced Network Traffic Analysis by extracted artifacts.
The solution offers Live sniffing, IPv6 support, Decapsulation of GRE, OSS fingerprinting facilities, PIPI, etc. The tool provides Geo IP localization, a configurable file output directory, and allows users to export the extracted data to CSV or XML files.
The main interface dashboard contains a separate portion for every part of data, such as it contains a portion for hosts, sessions, DNS, Parameters, Credentials, etc. It allows users to search stored data for a keyword, and it will be displayed along with other portions. The app is portable, and users do not have to install it on their system to run it.
#7 Debookee
Debookee is a powerful network traffic analyzer for macOS, which allows users to decrypt and analyze the network traffic of all of their devices. The solution helps users to intercept and monitor the traffic of any device in the same subnet. It enables users to capture data from mobile devices on their Mac without the use of a proxy.
The tool can intercept two internet connections at a single time with no influence on other connections. It allows users to decrypt all of their traffic and targets in a single place and click. The Network Analysis feature monitors and analyzes the network data in real-time on the Mac.
The solution supports different protocols such as HTTP, HTTPS, TCP, DHCP, etc. Users can scan the whole network and can view which devices are connected with them. It helps users in decrypting the email traffic, and users can view the full content of Text WebSockets messages.
#8 Cocoa Packet Analyzer
Cocoa Packet Analyzer is a network protocol analyzer and packet sniffer used by Mac OS X. The solution supports the industry-standard PCAP packet capture format for reading and capturing packet trace files. It helps users to analyze, display, and filter packet trace files along with packet capturing.
The solution comes with a QuickLook plugin that helps users to get an overview of packet traces already in finder. It supports Ethertypes such as ARP, IP, PPP, etc. and Linktypes such as Loopback. The solution also supports the PCAP packet capture format and aids in the printing of packets. Cocoa Packet Analyzer comes with port-based protocol detection such as L2TP, ESP, and offers a PPoE discovery feature.
#9 HTTPNetworkSniffer
HTTPNetworkSniffer is a packet sniffer that captures and displays HTTP requests through various packet capture drivers. The solution captures responses sent between the web browser and the webserver, which users can view in a simple table. When a single request is analyzed, components like Hostname, HTTP method, URL path, User agents, etc. are displayed on the screen.
Users can easily select more than one HTTP information line, which they can then export in different formats to the clipboard. The main aim of the software is to capture packets that are flowing across the network and decrypt the raw data of the packet.
The main display window tells everything about the packet, and the information takes from it, and users can create HTML reports and actions related to columns. Users can select the capture method which they want to use to capture packets, such as WinPcap.
#10 TcpLogView
TcpLogView is a lightweight and simple-to-use application that helps in monitoring open TCP connections and provides information to users on various aspects of connections. The solution comes with several handy options that allow users to perform all kinds of analysis, even if they do not have any experience in this field.
The tool offers different information about the connection, such as Local Port, Remote Port, Process ID, Process name, etc. It does not create new entries in the Windows registry or on the hard disk without the consent of users –means no marks of traces after its removal from the system.
The solution has an intuitive graphical user interface that gets populated with TCP connection and its details. Users can save the entries which they want in TXT, CSV, or HTML format. It enables users to use their search function when they are dealing with a large amount of data to find the right content.
#11 Pirni Pro
Pirni Pro is a network security tool designed for Ios which helps users to intercept traffic on a wireless network segment. The app allows users to capture passwords and regular expressions entered by other people. It comes with the license of the GNU General Public License, and the core system of the software is written in C language.
The solution supports active dissection of all the non-ciphered protocols. It helps in sniffing the usernames, passwords, and data traffic running over the wireless network with whom the user is attached. Users can watch a live feed over the packets which are being collected through this software.
The tool helps users in managing regular expressions to filter out data, such as site credentials, etc. It allows users to collect passwords from connectors like HTTP. Users can use this software for sending the files to their computer, and they can read them with any traffic analyzer.
#12 apptalk.ninja
apptalk.ninja is a tool that helps developers and users to monitor and debug communication between applications and hardware devices. The tool allows users to log all the data which has been transferred over Bluetooth as well as HTTP. It offers senses to users to allows them to see what is going on in their users’ packets and in the devices with whom they bare sharing the data.
The solution brings transparency to app development along with reproducing errors and speeds up the collaboration between the client-side and backend developers. It saves time of users in identifying the bugs and errors during run-time while communicating between the user’s device and backend servers.
apptalk.ninja offers data and analytics that many developers do not have access to in their development environment. This is one of the few platforms that can automatically track the crashes and provide the data to make the needed code corrections.
#13 Appknox
Appknox is a solution provider to users for mobile app security testing services and helps developers to build and deploy world-class mobile apps for organizations and users. The vulnerability assessment tool allows users to detect every vulnerability present around the source code. It runs tests and other security compliances such as HIPAA, PCI-DSS, etc. for security threat parameters.
The solution comes with DAST that allows users to perform advanced vulnerabilities tests while the application is running. It simulates actual attacks on the test environments, detects, and plugs away from the pesky vulnerabilities. The tool has an API testing feature that scans API requested endpoints to detect vulnerabilities of any kind.
The service offers Penetration testing based-on the human mind, which allows developers to perform tests based on research done by security researchers. Its Remediation call performs the complete analysis of the findings detected by the testing, and any number of developers can work on it at a single time.
#14 Port Map
Port Map is a free port forwarding solution, that creates a VPN tunnel from your PC TO server using free OpenVPN software. It does port forwarding by defining the rules to forward require from the Internet through its server to your local machine. Based on the configuration of your virtual hosts, you can specify which server you are connecting to.
It cannot access it directly because the server is between Port Map and the local machine. Forwarding ports on a server solves this problem by making some ports on the server available locally. It comes with core features like unlimited bandwidth, multiple system support, custom domain name support, host headers, various protocols including HTTP/HTTPS, TCP or UDP, auto-generated domain name, hundreds of configurations, unlimited rules, low latency of servers, and more to add.
#15 Tcpdump
Tcpdump is a command-line packet analyzer and is a portable C or C++ library that is intended for capturing network traffic. The tcpdump program is the original tool for network monitoring and data acquisition and is available for all major operating systems. Tcpdump filters packets transmitted on the network or being sent to the program itself. In addition to filtering on IP and Ethernet headers, tcpdump can also filter on link-layer headers.
Tcpdump includes the ability to filter packets based on different criteria and print selected parts of the packet data, such as the payload or just the protocol headers. It can also be used to display the contents of the payload of packets in a human-readable format. Tcpdump will output all of the packets matching the specified expression, regardless of whether they are part of a Telnet session or not. Tcpdump will, by default, not display any packets that do not have a matching expression.
#16 Komodia Relay
Komodia Relay is a small utility that is based on the function of port forwarding ports like TCP, UDP, and HTTP. It forwards Port an IP and port source to another IP and port location. It uses a specific protocol used to transfer information. In this case, there are two important protocol suites: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). This is useful if you are behind several firewalls and have to access specific servers on the Internet. It is creating a relay between localhost and Komodia’s website, connecting it to an IP address. It has an HTTP relay that replaces the original IP in the host file.
#17 Simple Port Forwarding
Simple Port Forwarding is a simple utility that comes with a clean interface, works with web pages, providing an automated way for port forwarding. It makes Port forwarding easy to set up, and you can use a feature that automatically fills in all the fields such as IP, protocol, Port, description of your router. You can request to make a port forwarding in the browser and one-click for saving the configuration.
A security cookie helps you to secure your router password. Not only does it allow you to create port forwarding rules, but it also makes it possible to add multiple domains into one port forwarding rule. And this approach saves your time and money since you only need one domain instead of purchasing a separate IP address for each domain. There are multiple features on offer that include enable and disable script throttle, quick access to windows firewalls; built-in debug mode, advanced tools, set your computer IP address, advanced tools, automatic program updates, and more to add.
#18 Portfwd
Portfwd is an all-in-one port forwarding daemon, that forwards the incoming TCP connections and UDP packets to remote hosts. The ports are forwarded over TCP or UDP protocols, to remote hosts, with multiple configuration options. Portfwd is designed to work with embedded systems. For example, it can be used as an FTP proxy or a socks5 server on your router.
Forwarding of TCP segments and UDP diagrams, Transparent proxying, DNS names for destination hosts, Structured configuration language, round-robin load-balancing, and more are some of its main leverages. It comes with the extravagant way to forward your TCP connections with this system, thus making it a pivot point. It supports port binding, proxies, automated port restrictions, access lists, and more.
The daemon is designed for high-speed networks, and it’s thoroughly tested for UDP performance. The configuration files are processed through Python, so complex setups can be easily implemented. It’s mainly working on the Linux host and can be started as a SysV service, so when you change the configuration, it will be automatically applied.
#19 PortMapper
PortMapper is an all-in-one tool that is used for managing the ports. It is designed for systems, network and security administration, port mapping and auditing, service monitoring, and compliance testing. PortMapper allows administrators to scan the ports of a range of IP addresses; this makes it easy for them to identify which ports are open or closed on a given server, network, or range of networks. It is a wonderful tool for managing your Port; it provides the best navigation for your server. It also includes server monitoring, where you can view CPU, RAM, and Disk stats as well as uptime time.
#20 Socat
Socat is an all-in-one utility that is a kind of relay that is intended for bidirectional data transfers between two independent data channels. It can be used to interconnect two networks, to build a point-to-point link, or to create a DSL router. It can be used to open and maintain a TCP or UDP connection or both, or it can be used to relay network traffic. Socat runs on Unix-like platforms, including Linux and Mac OS X, and supports SOCKS4 and SOCKS5 as well as HTTPS proxy bidirectional encryption data transfers.
This utility is designed for system administrators of different networks that must allow unsecured logins from local clients to remote servers. The data transfer channel may be a pipe, device, file a, socket, SSL socket, or a file descriptor. It acts in proxy mode with a single command-line interface, which makes it really easy to manage and use. Using socat, the user can reach an SSH server when the client’s system doesn’t permit the remote login.
#21 Packet Sender
Packet Sender is a simple yet powerful tool that is used to send and receive network packets. It comes with the ultimate support for TCP, UDP, and SSL encryption. Packet Sender will help you to visually troubleshoot various issues such as a firewall blocking ports, dropping of packets due to insufficient memory, and even suspicious traffic.
With its intuitive and easy-to-use Graphical User Interface, you can instantly connect to the remote packet generator and receiver IP address. You will be able to transfer files to and fro without any trouble. The app has been designed in such a manner that you can monitor your computer or server at any time using this tool. The app has been designed in such a manner that you can monitor your computer or server at any time using this tool.
It leverages you with multiple things like test automation, testing network APIs, malware analysis, testing network connectivity, tech support, and security research. With this utility, you have no ads, no bundles, and leverage you to define any data, command-line interface for automation and scripting. What’s more, it comes with the packet sender cloud, where you can save, share, and collaborate with others.
#22 AirSnare
AirSnare is a comprehensive intrusion detection that system that helps users to monitor their wireless network and alerts users if there is any unfriendly request on the system. It not only lets the users know about those Mac addresses that are trying to connect to their networks but helps them in tracking their IP addresses.
The software keeps those users away from the wireless network, which cannot be trusted, and it provides an intrusion detection system to users to keep them alert about the intruders. The solution continuously manages the whole network traffic to avoid any kind of inconvenience.
The solution automatically detects all the network adapters and lists them for users so that they can monitor them. Users can define the list of friendly Mac addresses that they do not want to monitor. The alert is sent to users via a red screen functionality, and an alarm sound is turned on to inform about any inappropriate behavior.
#23 Pwncat
Pwncat is a scripting engine that comes with scripting based on Python, which allows you to inject custom code right before sending and receiving any data. The Pwncat code in Python is compatible and should work on any platform that supports Pidgin, such as Windows, OS X, and Linux. Before sending the data to the Web Server, you can detect all the common XSS filters and cleanse out all the possible XSS codes in the data.
You have the ability to run custom code at this moment can let you bypass AMSI as well as any kind of malware detection/prevention. It is a kind of generic packet crafting engine that allows you to create any packet you want, with custom protocols and packets inside. It generates random data, such as credit card numbers and other payment gateway numbers. Before sending the username and password to the target, use your Python code to clean the password, e.g., remove the user name and password from the data.