diff --git a/bettercap-cheatsheet.md b/bettercap-cheatsheet.md new file mode 100644 index 0000000..4c4402e --- /dev/null +++ b/bettercap-cheatsheet.md @@ -0,0 +1,90 @@ +# πŸ•΅οΈβ€β™€οΈ **Bettercap Cheatsheet** πŸ•΅οΈ + +Bettercap is an indispensable tool for network reconnaissance, sniffing, and executing Man-In-The-Middle (MITM) attacks on local networks. + +--- + +## Table of Contents +1. [πŸ” Network Reconnaissance](#-network-reconnaissance) +2. [πŸ₯· ARP Spoofing](#-arp-spoofing) +3. [πŸ“‘ Network Sniffing](#-network-sniffing) +4. [πŸ•Έ Web Proxy](#-web-proxy) +5. [🚦 TLS Proxy](#-tls-proxy) +6. [πŸŒ€ DNS Spoofing](#-dns-spoofing) +7. [πŸ’» HTTPS & HSTS Bypass](#-https--hsts-bypass) +8. [πŸ“Œ Miscellaneous Commands](#-miscellaneous-commands) + +--- + +## πŸ” **Network Reconnaissance** + +- `net.probe on` πŸ‘€ + - Initiate an ARP scan to discover live hosts on the network. +- `net.show` πŸ“‘ + - Display detected devices on the network, complete with IPs, MAC addresses, and other details. +- `net.recon on/off` πŸ•΅οΈβ€β™‚οΈ + - Enable/disable passive network traffic analysis to discover hosts. + +--- + +## πŸ₯· **ARP Spoofing** + +- `set arp.spoof.targets [IP]` ✨ + - Designate a target IP for ARP cache poisoning to reroute its traffic. +- `arp.spoof on/off` πŸ’₯ + - Engage/disengage ARP spoofing against the chosen target. +- `set arp.spoof.internal true` πŸ” + - Poison ARP caches for all connections between internal hosts on the LAN. + +--- + +## πŸ“‘ **Network Sniffing** + +- `net.sniff on/off` ▢️⏸️ + - Begin/halt packet capture to log network traffic. + +--- + +## πŸ•Έ **Web Proxy** + +- `set proxy.port [PORT]` πŸ€– + - Assign the listening port for the proxy server. +- `proxy on/off` πŸŽšοΈπŸ›‘ + - Activate/deactivate the proxy server to intercept and manipulate HTTP requests. + +--- + +## 🚦 **TLS Proxy** + +- `tls.proxy on/off` πŸ”“πŸ”’ + - Enable/disable the TLS proxy. This intercepts and decrypts HTTPS traffic by mimicking certificate validation. + +--- + +## πŸŒ€ **DNS Spoofing** + +- `set dns.spoof.domains [DOMAIN]` 🌐 + - Select a domain for DNS hijacking. +- `dns.spoof on` πŸ₯· + - Activate DNS response spoofing for the specified domain. + +--- + +## πŸ’» **HTTPS & HSTS Bypass** + +- `hstshijack.load` πŸ›‘οΈ + - Load the module to overcome HSTS, a web security protocol, useful for exploiting HTTPS sites. + +--- + +## πŸ“Œ **Miscellaneous Commands** + +- `events.clear` 🧹 + - Wipe out all recorded network events. +- `set [OPTION] [VALUE]` βš™οΈ + - Adjust configuration options to suit your needs. +- `help` ❓ + - Display the help menu with an overview of commands. + +--- +