The Brute Shark is a network analysis tool (NFAT) for collecting, analyzing, editing, and collecting network packets (mainly PCAP files). It includes: exporting passwords, creating network mapping, rebuilding TCP sessions, exporting fragmented passwords, and even converting them to Hashcat format in order to execute an offline Brute Force attack.
The main goal of the program is to provide a reliable solution to penetration testers and network administrators in order to control network traffic, while trying to identify vulnerabilities that can be used by a potential intruder to gain access to critical network points.
Two versions are available Brute Shark, a version based on the GUI (Windows) and one with a command line interface (Windows and Linux).
The various functions of the program can also be used independently as an infrastructure for analyzing network traffic on Linux or Windows computers.
The project was developed in my spare time to address my two main passions: software architecture and network data analysis.
Operation of the program
- Export and encode user credentials
- Extract hashes and break through hashcat
- Creating a network diagram
- TCP connection reconstructions
Password Extracting (HTTP, TELNET, IMAP, FTP, SMTP)
Hashes Extracting (HTTP-Digest, NTLM, CRAM-MD5)
Building a Network Diagram
Reconstruct all TCP Sessions
Brute Shark CLI
- Windows - download the file from here Windows Installer (64 Bit).
- Linux - download the file from here BruteSharkCli.zip and run BruteSharkCli.exe using MONO:
wget https://github.com/odedshimon/BruteShark/releases/latest/download/BruteSharkCli.zip unzip BruteSharkCli.zip mono BruteSharkCli / BruteSharkCli.exe