# bettercap/bettercap

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/bettercap-bettercap).**

18,855 stars · 1,624 forks · Go · other

## Links

- GitHub: https://github.com/bettercap/bettercap
- Homepage: https://www.bettercap.org/
- awesome-repositories: https://awesome-repositories.com/repository/bettercap-bettercap.md

## Topics

`ble` `deauthentication-attack` `dot11` `hacking` `hid` `mitm` `monitoring` `mousejack` `network-attacks` `password-sniffer` `pmkid` `proxy` `redteam` `redteaming` `rogue-ap` `security` `spoofing` `wifi` `wifi-security` `wpa2`

## Description

Bettercap is a modular framework designed for network reconnaissance, security testing, and the execution of man-in-the-middle attacks. It functions as a comprehensive utility for surveying wired and wireless network segments, identifying connected devices, and analyzing communication protocols through real-time traffic interception and manipulation.

The platform distinguishes itself through an event-driven architecture that coordinates network state changes and packet-level data through a centralized message pipeline. It provides a programmable scripting engine and an API for orchestrating security workflows, allowing users to automate reconnaissance tasks, trigger custom protocol injections, and perform credential harvesting from intercepted traffic streams.

Beyond its core interception capabilities, the tool includes specialized modules for wireless peripheral security testing and the hijacking of human interface devices. It maintains stateful session tracking to correlate fragmented traffic into coherent streams, supporting complex analysis across diverse hardware environments.

The software is distributed with support for containerized deployment to ensure consistent execution across different host systems.

## Tags

### Security & Cryptography

- [Man-in-the-Middle Frameworks](https://awesome-repositories.com/f/security-cryptography/man-in-the-middle-frameworks.md) — Provides a comprehensive framework for intercepting, proxying, and manipulating network traffic in real time to analyze communication protocols. ([source](https://www.bettercap.org/))
- [Packet Analysis Tools](https://awesome-repositories.com/f/security-cryptography/network-infrastructure-security/web-network-security/network-security/traffic-inspection-manipulation/packet-analysis-tools.md) — Positions tools between network endpoints to intercept, inspect, and modify data packets in real time for protocol analysis.
- [Security Reconnaissance Tools](https://awesome-repositories.com/f/security-cryptography/security-reconnaissance-tools.md) — Performs network reconnaissance, traffic interception, and security testing across wired and wireless environments.
- [Network Reconnaissance Tools](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/network-reconnaissance-tools.md) — Identifies connected devices, active services, and potential security vulnerabilities by surveying local wired and wireless network segments. ([source](https://www.bettercap.org/))
- [Wireless Attack Tools](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/wireless-attack-tools.md) — Scans, analyzes, and exploits vulnerabilities in local network segments and wireless peripheral communication protocols.
- [Credential Security](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security.md) — Monitors network traffic to identify and capture sensitive credentials or authentication tokens transmitted over unencrypted or intercepted communication channels. ([source](https://www.bettercap.org/project/introduction))
- [Network Credential Capturers](https://awesome-repositories.com/f/security-cryptography/identity-access-management/credential-lifecycle-management/credential-security/credential-extraction-utilities/network-credential-capturers.md) — Identifies and extracts sensitive authentication tokens or credentials transmitted over unencrypted or intercepted network communication channels.

### Networking & Communication

- [Traffic Interception Tools](https://awesome-repositories.com/f/networking-communication/traffic-interception-tools.md) — Intercepts and modifies raw network frames at the data link layer to enable real-time inspection and manipulation of communication flows.
- [Traffic Proxying](https://awesome-repositories.com/f/networking-communication/traffic-proxying.md) — Intercepts and modifies data packets in real time to inspect or alter application information during transit between network endpoints. ([source](https://www.bettercap.org/project/introduction))
- [Peripheral Exploitation Tools](https://awesome-repositories.com/f/networking-communication/wireless-networking-tools/peripheral-exploitation-tools.md) — Simulates unauthorized inputs to wireless human interface devices to demonstrate security weaknesses in peripheral communication. ([source](https://www.bettercap.org/))
- [Custom Network Protocols](https://awesome-repositories.com/f/networking-communication/custom-network-protocols.md) — Transmits custom frames and protocol-specific commands into network environments to evaluate security defenses and simulate specific device behaviors.
- [Network Traffic Processors](https://awesome-repositories.com/f/networking-communication/network-traffic-processors.md) — Transmits custom frames and protocol-specific commands into wired or wireless networks to evaluate security posture and simulate specific device behaviors. ([source](https://www.bettercap.org/project/introduction))
- [Protocol Dissectors](https://awesome-repositories.com/f/networking-communication/network-protocols/protocol-dissectors.md) — Parses complex network traffic into structured data using pluggable handlers that identify and extract information from specific communication protocols.

### Software Engineering & Architecture

- [Event-Driven Engines](https://awesome-repositories.com/f/software-engineering-architecture/software-architecture/architectural-patterns/reactive-messaging/reactive-event-driven-systems/event-driven-engines.md) — Executes user-defined logic in response to network events by exposing internal state and packet data through a programmable interface.
- [Event Bus Systems](https://awesome-repositories.com/f/software-engineering-architecture/event-bus-systems.md) — Coordinates internal processes and system notifications through a centralized message pipeline for event-driven architecture.

### Web Development

- [API Orchestration](https://awesome-repositories.com/f/web-development/api-orchestration.md) — Provides an API for orchestrating security workflows, allowing external scripts to trigger reconnaissance or attack sequences. ([source](https://www.bettercap.org/project/introduction))

### Data & Databases

- [Session State Management](https://awesome-repositories.com/f/data-databases/session-state-management.md) — Maintains a persistent record of active network connections and device identities to correlate fragmented traffic into coherent communication streams.