There are no reviews yet. Be the first to send feedback to the community and the maintainers!
dsniff-2.4b1 ------------ This is a fork of Dug Song's dsniff tools, updated to compile and run on OS X. Installation on OS X: 1. Install dependencies: brew install berkeley-db libnet libnids libpcap openssl 2. Configure with correct paths: ./configure \ --with-libpcap=/usr/local/opt/libpcap \ --with-openssl=/usr/local/opt/openssl \ --with-libnet=/usr/local/opt/libnet \ --with-libnids=/usr/local/opt/libnids \ --without-x 3. Compile: make 4. Install: make install ------------ Original README follows ------------ i wrote these tools with honest intentions - to audit my own network, and to demonstrate the insecurity of cleartext / weakly-encrypted network protocols and ad-hoc PKI. please do not abuse this software. these programs require: Berkeley DB - http://www.sleepycat.com/ OpenSSL - http://www.openssl.org/ libpcap - http://www.tcpdump.org/ libnids - http://www.packetfactory.net/Projects/Libnids/ libnet - http://www.packetfactory.net/Projects/Libnet/ built and tested on OpenBSD, Linux, and Solaris. YMMV. what's here: arpspoof redirect packets from a target host (or all hosts) on the LAN intended for another local host by forging ARP replies. this is an extremely effective way of sniffing traffic on a switch. kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter :-) must be turned on ahead of time. dnsspoof forge replies to arbitrary DNS address / pointer queries on the LAN. this is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks (HTTP, HTTPS, SSH, Kerberos, etc). dsniff password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL auth info. dsniff automatically detects and minimally parses each application protocol, only saving the interesting bits, and uses Berkeley DB as its output file format, only logging unique authentication attempts. full TCP/IP reassembly is provided by libnids(3) (likewise for the following tools as well). filesnarf saves selected files sniffed from NFS traffic in the current working directory. macof flood the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). a straight C port of the original Perl Net::RawIP macof program. mailsnarf a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs selected messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.). msgsnarf record selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions. sshmitm SSH monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. only SSH protocol version 1 is (or ever will be) supported - this program is far too evil already. sshow SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths. tcpkill kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation). tcpnice slow down specified TCP connections via "active" traffic shaping. forges tiny TCP window advertisements, and optionally ICMP source quench replies. urlsnarf output selected URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.). webmitm HTTP / HTTPS monkey-in-the-middle. transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-) -d. --- http://www.monkey.org/~dugsong/
the_silver_searcher
A code-searching tool similar to ack, but faster.jekyll-gallery-generator
A Jekyll plugin that generates photo galleries from directories full of images.lscolors
LSCOLORS Generatorfsevents-tools
Like inotify-tools but for OS X's FSEventsdotfiles
twisted_hang
Hack day project. Figure out if the main thread is hanging, and if so, what's causing it to hang.linksplosion
Chrome extension to open all links in a selection. Great for when you don't have enough tabs open!memex_trails
Extension that adds Vannevar Bush's "trails" to Chrome.cogtrack
A tool to track one's cognitive abilities over time.CursorHide
OS X utility to hide the mouse cursor if it hasn't been moved recentlystag
Sublime Text Aghistory-stats
A Chrome extension that shows graphs about your history. Basically an excuse for me to play with d3.wtf
Slack bot hackathon thing. Ignore thisserendipity
More convenient video chatsublime-copy-github-link
crucible
Readability extension for Chrome. Based on the now-defunct readability-redux.counterforce
Listen for github webhooks and send an e-mail when anyone runs git push --force master.tail-page
Chrome extension that lets you stay scrolled to the bottom of a page. Particularly helpful for buildbot output.mpostr
GeoIP Impostorgeoff.greer.fm
cloudkick_tag_exports
Uses the Cloudkick API to build list of IPs for each tag. Handy for automating jobs across a group of servers.circleci-insights
Use CircleCI Insights API to show which tests fail the most.react-interview-example
payoff_matrix
Simple web page for displaying payoff matricesreact-redux-example
Example thing that I gave a presentation aboutLove Open Source and this site? Check out how you can help us