forked from hatRiot/zarp
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
47 lines (39 loc) · 2.25 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
NOTE: This is still very much a work in progress, and not all functionality is yet implemented. I will update this
readme with a link to the blogpost regarding this.
[ZARP]
:Version 0.02
:Network Attack Tool
:@ballastsec, @dronesec
[INTRODUCTION]
Zarp is a network attack tool centered around exploitation of local networks. This does not include system
exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions
can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically
or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from
various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and
applications. These tools open up the possibility for very complex attack scenarios on live networks quickly,
cleanly, and quietly.
[TOOL OVERVIEW]
[POISONERS]
Various man in the middle tools provide a stepping stone for more complex attacks.
: ARP, DNS, DHCP :
[DOS]
Denial of service tools for rendering various systems unusable.
: Teardrop, IPv6 NDP RA, Nestea, LAND, TCP SYN, SMB2 :
[SNIFFERS]
Post-poisoning tools for aggressively parsing and sniffing local traffic. These are used to
intelligently view poisoned traffic.
: HTTP Traffic, Password and Username Sniffer :
[SCANNERS]
These tools can be used for mapping a network out. Network topography and service systems can
be automatically mapped out to assist in the planning of attacks.
: Network Scanner, Service Scanner, Access Point Scanner :
[EMULATE]
These are functionally different from poisoners in that they provide a spoofed service. For example,
you could set up a fake SSH service or a honeypot FTP server and poison a systems DNS to redirect to
yours. When you get a hit, remove the DNS poison and allow it to resolve correctly.
: Spoof HTTP Server, Spoof SSH Server :
[PARAMETER]
Parameter tools are for use when you're on the outside of a network. These will assist in mapping
out potential entry points and soft spots for vulnerabilities. These, in conjunction with Scanners,
should give you a solid picture of what's available.
: WEP Crack, WPA2 Crack, Router pwn :