Espionage: Network Packet and Traffic Interceptor for Linux

Espionage is a network packet sniffer that tracks large amounts of data passing through an interface.

The tool lets users run normal and verbose traffic analysis that shows a live feed of traffic, revealing packet direction, protocols, flags, etc.

It can also spoof ARP so that all data sent by the target is redirected through the attacker's machine (a MiTM attack).

Espionage supports IPv4, TCP/UDP, ICMP and HTTP. Scapy support is also available, so users can run in-depth sniffs using the Scapy library. Espionage is written in Python 3.8, but also supports version 3.6. This is the first version of the tool, so contact the developer if you would like to contribute and add more to Espionage.

Installation

1: git clone https://www.github.com/josh0xA/Espionage.git
2: cd Espionage
3: sudo python3 -m pip install -r requirements.txt
4: sudo python3 espionage.py --help

Use

  1. sudo python3 espionage.py --normal --iface wlan0 -f capture_output.pcap
    Command 1 will execute a clean packet sniff and save the results to the pcap file. Replace wlan0 with whatever your network interface is.
  2. sudo python3 espionage.py --verbose --iface wlan0 -f capture_output.pcap
    Command 2 will execute a more detailed (verbose) packet sniff and save the results to the supplied pcap file.
  3. sudo python3 espionage.py --normal --iface wlan0
    Command 3 will still run a clean packet sniff, but will not save the data to a pcap file. Saving the packets is recommended.
  4. sudo python3 espionage.py --verbose --httpraw --iface wlan0
    Command 4 will execute a verbose packet sniff and will also display raw HTTP/TCP packet data in bytes.

  5. Command 5 will forge ARP packets to the destination IP address and all data sent will be returned to the attacker's machine (to you / localhost).
  • Press Ctrl + C to stop capturing packets and write the output to the file.
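
A saved capture can be checked for the ARP forging described in item 5. The following is an added example, not part of Espionage or of the original article: it parses a capture with the standard library only and reports every IPv4 address claimed by more than one MAC. It assumes a classic (non-pcapng) pcap file with untagged Ethernet frames; the sample frames, MACs and addresses are constructed.

```python
import struct

def build_arp_reply(sender_mac: bytes, sender_ip: bytes) -> bytes:
    """Constructed Ethernet II + ARP reply frame (sample data, not a real capture)."""
    eth = b"\xff" * 6 + sender_mac + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2) + sender_mac + sender_ip
    return eth + arp + b"\x00" * 10  # zeroed target MAC and target IP

def build_pcap(frames) -> bytes:
    """Classic little-endian pcap: 24-byte file header, 16-byte record headers."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # 1 = Ethernet
    for ts, frame in enumerate(frames):
        out += struct.pack("<IIII", ts, 0, len(frame), len(frame)) + frame
    return out

def arp_conflicts(pcap: bytes) -> dict:
    """Map each IPv4 address claimed by more than one MAC to the MACs seen."""
    magic = struct.unpack_from("<I", pcap, 0)[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic microsecond pcap file")
    endian = "<" if magic == 0xA1B2C3D4 else ">"
    if struct.unpack_from(endian + "I", pcap, 20)[0] != 1:
        raise ValueError("link type is not Ethernet")
    off, seen = 24, {}
    while off + 16 <= len(pcap):
        caplen = struct.unpack_from(endian + "I", pcap, off + 8)[0]
        frame = pcap[off + 16:off + 16 + caplen]
        off += 16 + caplen
        # Untagged Ethernet II + ARP is 14 + 28 bytes; EtherType 0x0806 is ARP.
        if len(frame) < 42 or frame[12:14] != b"\x08\x06":
            continue
        if struct.unpack_from("!HHBB", frame, 14) != (1, 0x0800, 6, 4):
            continue  # only IPv4-over-Ethernet ARP
        sender_mac, sender_ip = frame[22:28], frame[28:32]
        if sender_ip == b"\x00" * 4:
            continue  # ARP probes carry 0.0.0.0 and are not a binding
        macs = seen.setdefault(".".join(map(str, sender_ip)), [])
        if sender_mac.hex(":") not in macs:
            macs.append(sender_mac.hex(":"))
    return {ip: macs for ip, macs in seen.items() if len(macs) > 1}

GATEWAY = bytes([192, 168, 1, 1])  # constructed addresses and MACs below
SAMPLE = build_pcap([
    build_arp_reply(bytes.fromhex("02aabbccdd01"), GATEWAY),
    build_arp_reply(bytes.fromhex("02aabbccdd02"), bytes([192, 168, 1, 20])),
    build_arp_reply(bytes.fromhex("02deadbeef99"), GATEWAY),  # second MAC claims the gateway IP
])

if __name__ == "__main__":
    for ip, macs in arp_conflicts(SAMPLE).items():
        print(f"ALERT {ip} claimed by {', '.join(macs)}")
```

A reported conflict is a lead to investigate rather than proof of spoofing, since a replaced network card or a reassigned DHCP lease produces the same pattern.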

Options menu

usage: espionage.py [-h] [--version] [-n] [-v] [-hr] [-f FILENAME] -i IFACE [-t TARGET]

optional arguments:
  -h, --help            show this help message and exit
  --version             returns the packet sniffers version.
  -n, --normal          executes a cleaner interception, less sophisticated.
  -v, --verbose         (recommended) executes a more in-depth packet interception/sniff.
  -hr, --httpraw        displays raw packet data (byte ) received or sent on port 80.

(Recommended) arguments for data output (.pcap):
  -f FILENAME, --filename FILENAME
                        name of file to store the output (make extension '.pcap').

(Required) arguments required for execution:
  -i IFACE, --iface IFACE
                        specify network interface (ie. wlan0, eth0, wlan1, etc.)

(ARP Spoofing) required arguments in-order to use the ARP Spoofing utility:
  -t TARGET, --target TARGET
                        specify the target IP address to spoof.

Video guide

https://asciinema.org/a/suAKny1Hh7Ai7L6jedrDoJqbZ

 


Written by Anastasis Vasileiadis
