ARP Poisoning and Sniffing
Subdomains Identification
Certificate Cloning
TCP Analysis (ISN, Flags)
Username check on social networks
Web Techonologies Identification
and a lot more!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/fportantier/habu.git
2) cd habu
3) habu.arp.ping [OPTIONS] IP
A) Send ARP packets to check if a host it's alive in the local network.
Example:
# habu.arp.ping 192.168.0.1
Ether / ARP is at a4:08:f5:19:17:a4 says 192.168.0.1 / Padding
Options:
-i TEXT Interface to use
-v Verbose output
--help Show this message and exit.
habu.arp.poison
Usage: habu.arp.poison [OPTIONS] VICTIM1 VICTIM2
B) Send ARP 'is-at' packets to each victim, poisoning their ARP tables for
send the traffic to your system.
Note: If you want a full working Man In The Middle attack, you need to
enable the packet forwarding on your operating system to act like a
router. You can do that using:
# echo 1 > /proc/sys/net/ipv4/ip_forward
Example:
# habu.arpoison 192.168.0.1 192.168.0.77
Ether / ARP is at f4:96:34:e5:ae:1b says 192.168.0.77
Ether / ARP is at f4:96:34:e5:ae:1b says 192.168.0.70
Ether / ARP is at f4:96:34:e5:ae:1b says 192.168.0.77
...
Options:
-i TEXT Interface to use
-v Verbose
--help Show this message and exit.
habu.arp.sniff
Usage: habu.arp.sniff [OPTIONS]
C) Listen for ARP packets and show information for each device.
Columns: Seconds from last packet | IP | MAC | Vendor
Example:
1 192.168.0.1 a4:08:f5:19:17:a4 Sagemcom Broadband SAS
7 192.168.0.2 64:bc:0c:33:e5:57 LG Electronics (Mobile Communications)
2 192.168.0.5 00:c2:c6:30:2c:58 Intel Corporate
6 192.168.0.7 54:f2:01:db:35:58 Samsung Electronics Co.,Ltd
Options:
-i TEXT Interface to use
--help Show this message and exit.
habu.asydns
Usage: habu.asydns [OPTIONS]
D) Requests a DNS domain name based on public and private RSA keys using the
AsyDNS protocol https://github.com/portantier/asydns
AND MUCH MORE