Zarp is a network attack tool centered around the exploitation of local networks. This does not include system exploitation, but rather abusing networking protocols and stacks to take over, infiltrate, and knock out. Sessions can be managed to quickly poison and sniff multiple systems at once, dumping sensitive information automatically or to the attacker directly. Various sniffers are included to automatically parse usernames and passwords from various protocols, as well as view HTTP traffic and more. DoS attacks are included to knock out various systems and applications. These tools open up the possibility for very complex attack scenarios on live networks quickly, cleanly, and quietly.
This tool is intended to be as dependency-free as possible. When available, zarp has opted to use pure or native Python implementations over requiring or importing huge libraries. Even as such, zarp requires the following to run:
- Linux
- Python 2.7.x
- Scapy (packaged with zarp)
- airmon-ng suite (for all your wireless cracking needs)
- tcpdump
- libmproxy (packaged with zarp)
- paramiko (SSH service)
- nfqueue-bindings (packet modifier)
git clone git://github.com/hatRiot/zarp.git
pip install -r requirements.txt
You can then run:
sudo python zarp.py --update
to update zarp. The update flag will not work if you download the tarball from the Git page.
Scapy comes packaged with Zarp and no installation is required. Wifite is used for wireless AP cracking; a specific version (ballast-dev branch) is required. This comes packaged with zarp. There are some dependencies required for Scapy, but most should be pretty easy to install or already be installed.
bryan@devbox:~/zarp$ sudo ./zarp.py
[!] Loaded 33 modules.
____ __ ____ ____
(__ ) / _\ ( _ \( _ '
/ _/ / \ ) / ) __/
(____)\_/\_/(__\_)(__)
[Version 0.1.4]
[1] Poisoners [5] Parameter
[2] DoS Attacks [6] Services
[3] Sniffers [7] Attacks
[4] Scanners [8] Sessions
0) Back
>
bryan@debdev:~/tools/zarp$ sudo ./zarp.py --help
[!] Loaded 34 modules.
____ __ ____ ____
(__ ) / _\ ( _ \( _ '
/ _/ / \ ) / ) __/
(____)\_/\_/(__\_)(__) [Version: 0.1.5]
usage: zarp.py [-h] [-q FILTER] [--update] [--wap] [--ftp] [--http] [--smb]
[--ssh] [--telnet] [-w] [-s] [--service-scan]
optional arguments:
-h, --help show this help message and exit
-q FILTER Generic network sniff
--update Update Zarp
Services:
--wap Wireless access point
--ftp FTP server
--http HTTP Server
--smb SMB Service
--ssh SSH Server
--telnet Telnet server
Scanners:
-w Wireless AP Scan
-s Network scanner
--service-scan Service scanner
bryan@debdev:~/tools/zarp$
You might also like:
Comments
Post a Comment