macgonuts is a tool for ARP/NDP exploitations including:
- ARP/NDP spoofing;
- Active sniffing;
- Isolate a specific local host "from layer-2";
- Spread some "layer-2" disorder over the LAN;
- DNS spoofing;
- Scan possible prey NICs over LAN by identifying OUI from them;
- Take off "the internet/external world" access of a LAN host;
- Deny SLAAC based link-local address attribution on IPv6 LAN causing "dadfailed";
- It also delivers some basic building blocks for code basic spoofing stuff from python or golang programs (a.ka. python and golang binds);
Redirection is a feature that can be enabled by passing a single flag option. It also has some options to make the attack be more "incognito" possible. Build generates the .deb package.
The build is fair simple. In general is clone the repo, jump into src subdirectory and call make deb. Done. You got a .deb package.
git clone https://github.com/rafael-santiago/macgonuts --recursive
cd macgonuts/src
_ make deb
The build is prepared for using GCC or Clang.
Dependencies: libc, pthread, GNUMake.
If you want to build the py and go binds you will need python/cython and go.
Run pybind build: make with-pybind=yes
Run gobind build: make with-gobind=yes
Or even both in a once: make with-pybind=yes with-gobind=yes
I believe that this tool could be useful for red teams and pentest folks and yes, I am the tool developer ;) But it really works well. | 
