# πŸ•΅οΈβ€β™€οΈ **Bettercap Cheatsheet** πŸ•΅οΈ Bettercap is an indispensable tool for network reconnaissance, sniffing, and executing Man-In-The-Middle (MITM) attacks on local networks. --- ## Table of Contents 1. [πŸ” Network Reconnaissance](#-network-reconnaissance) 2. [πŸ₯· ARP Spoofing](#-arp-spoofing) 3. [πŸ“‘ Network Sniffing](#-network-sniffing) 4. [πŸ•Έ Web Proxy](#-web-proxy) 5. [🚦 TLS Proxy](#-tls-proxy) 6. [πŸŒ€ DNS Spoofing](#-dns-spoofing) 7. [πŸ’» HTTPS & HSTS Bypass](#-https--hsts-bypass) 8. [πŸ“Œ Miscellaneous Commands](#-miscellaneous-commands) --- ## πŸ” **Network Reconnaissance** - `net.probe on` πŸ‘€ - Initiate an ARP scan to discover live hosts on the network. - `net.show` πŸ“‘ - Display detected devices on the network, complete with IPs, MAC addresses, and other details. - `net.recon on/off` πŸ•΅οΈβ€β™‚οΈ - Enable/disable passive network traffic analysis to discover hosts. --- ## πŸ₯· **ARP Spoofing** - `set arp.spoof.targets [IP]` ✨ - Designate a target IP for ARP cache poisoning to reroute its traffic. - `arp.spoof on/off` πŸ’₯ - Engage/disengage ARP spoofing against the chosen target. - `set arp.spoof.internal true` πŸ” - Poison ARP caches for all connections between internal hosts on the LAN. --- ## πŸ“‘ **Network Sniffing** - `net.sniff on/off` ▢️⏸️ - Begin/halt packet capture to log network traffic. --- ## πŸ•Έ **Web Proxy** - `set proxy.port [PORT]` πŸ€– - Assign the listening port for the proxy server. - `proxy on/off` πŸŽšοΈπŸ›‘ - Activate/deactivate the proxy server to intercept and manipulate HTTP requests. --- ## 🚦 **TLS Proxy** - `tls.proxy on/off` πŸ”“πŸ”’ - Enable/disable the TLS proxy. This intercepts and decrypts HTTPS traffic by mimicking certificate validation. --- ## πŸŒ€ **DNS Spoofing** - `set dns.spoof.domains [DOMAIN]` 🌐 - Select a domain for DNS hijacking. - `dns.spoof on` πŸ₯· - Activate DNS response spoofing for the specified domain. --- ## πŸ’» **HTTPS & HSTS Bypass** - `hstshijack.load` πŸ›‘οΈ - Load the module to overcome HSTS, a web security protocol, useful for exploiting HTTPS sites. --- ## πŸ“Œ **Miscellaneous Commands** - `events.clear` 🧹 - Wipe out all recorded network events. - `set [OPTION] [VALUE]` βš™οΈ - Adjust configuration options to suit your needs. - `help` ❓ - Display the help menu with an overview of commands. ---