View Revisions: Issue #6454

Summary 0006454: Espionage - A Network Packet and Traffic Interceptor For Linux. Automate MiTM & Sniff All Data Sent Through a Network.
Revision 2020-09-01 21:40 by g0tmi1k
Description - Name: Espionage
- Version: 1.1
- Homepage: https://www.github.com/josh0xA/Espionage.git
- Download: The GitHub repository: https://www.github.com/josh0xA/Espionage.git
- Licence: This software is protected under the terms of the MIT licence. The conditions can be viewed here: https://opensource.org/licenses/MIT
- Description:
             Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to to run normal and verbose traffic
             analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so, all data sent by the target gets redirected through
             the attacker (MiTM). Espionage supports IPv4, TCP/UDP, ICMP, and HTTP. Espionage was written in Python 3.8 but it also supports version 3.6.
- Author: Josh Schiavone
- Dependencies: Python3.6+, Libraries: httpcap, netifaces, scapy, termcolor. (These come with the Espionage installation however. Also, this tool isn't a scapy rapper. The only use of
                                                                                                                                        scapy lib is for ARP protocol handling.)
- Similar Tools: Tshark, mitmproxy, ettercap.
- Activity: Project started in April 2020 nut pushed to git recently. It is still being maintained and still actively being deployed.
- How To Install:
          git clone https://www.github.com/josh0xA/Espionage.git
          cd Espionage
          sudo python3 -m pip install -r requirments.txt
          sudo python3 espionage.py --help

- How to use:
         1. sudo python3 espionage.py --normal --iface wlan0 -f capture_output.pcap
         Command 1 will execute a clean packet sniff and save the output to the pcap file provided. Replace wlan0 with whatever your network interface is.
         2. sudo python3 espionage.py --verbose --iface wlan0 -f capture_output.pcap
         Command 2 will execute a more detailed (verbose) packet sniff and save the output to the pcap file provided.
         3. sudo python3 espionage.py --normal --iface wlan0
         Command 3 will still execute a clean packet sniff however, it will not save the data to a pcap file. Saving the sniff is recommended.
         4. sudo python3 espionage.py --verbose --httpraw --iface wlan0
         Command 4 will execute a verbose packet sniff and will also show raw http/tcp packet data in bytes.
         5. sudo python3 espionage.py --target <target-ip-address> --iface wlan0
         Command 5 will ARP spoof the target ip address and all data being sent will be routed back to the attackers machine (you/localhost).

         - Press Ctrl+C in-order to stop the packet interception and write the output to file.
Packaged?: No the tool is not packaged for Debian although if Espionage is being considered, it just has to be added to path.
Revision 2020-06-15 08:03 by overflow1n
Description - Name: Espionage
- Version: 1.1
- Homepage: https://www.github.com/josh0xA/Espionage.git
- Download: The GitHub repository: https://www.github.com/josh0xA/Espionage.git
- Licence: This software is protected under the terms of the MIT licence. The conditions can be viewed here: https://opensource.org/licenses/MIT
- Description:
             Espionage is a network packet sniffer that intercepts large amounts of data being passed through an interface. The tool allows users to to run normal and verbose traffic
             analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc. Espionage can also spoof ARP so, all data sent by the target gets redirected through
             the attacker (MiTM). Espionage supports IPv4, TCP/UDP, ICMP, and HTTP. Espionage was written in Python 3.8 but it also supports version 3.6.
- Author: Josh Schiavone
- Dependencies: Python3.6+, Libraries: httpcap, netifaces, scapy, termcolor. (These come with the Espionage installation however. Also, this tool isn't a scapy rapper. The only use of
                                                                                                                                        scapy lib is for ARP protocol handling.)
- Similar Tools: Tshark, mitmproxy, ettercap.
- Activity: Project started in April 2020 nut pushed to git recently. It is still being maintained and still actively being deployed.
- How To Install:
          git clone https://www.github.com/josh0xA/Espionage.git
          cd Espionage
          sudo python3 -m pip install -r requirments.txt
          sudo python3 espionage.py --help

- How to use:
         1. sudo python3 espionage.py --normal --iface wlan0 -f capture_output.pcap
         Command 1 will execute a clean packet sniff and save the output to the pcap file provided. Replace wlan0 with whatever your network interface is.
         2. sudo python3 espionage.py --verbose --iface wlan0 -f capture_output.pcap
         Command 2 will execute a more detailed (verbose) packet sniff and save the output to the pcap file provided.
         3. sudo python3 espionage.py --normal --iface wlan0
         Command 3 will still execute a clean packet sniff however, it will not save the data to a pcap file. Saving the sniff is recommended.
         4. sudo python3 espionage.py --verbose --httpraw --iface wlan0
         Command 4 will execute a verbose packet sniff and will also show raw http/tcp packet data in bytes.
         5. sudo python3 espionage.py --target <target-ip-address> --iface wlan0
         Command 5 will ARP spoof the target ip address and all data being sent will be routed back to the attackers machine (you/localhost).

         - Press Ctrl+C in-order to stop the packet interception and write the output to file.
Packaged?: No the tool is not packaged for Debian although if Espionage is being considered, it just has to be added to path.