2. Detect Session Hijacking
Fortunately, there are various tools available that can help you to detect session hijacking attacks such as packet sniffers, IDSs, and SIEMs.
Last updated
Fortunately, there are various tools available that can help you to detect session hijacking attacks such as packet sniffers, IDSs, and SIEMs.
Last updated
Run bettercap -iface eth0 to set the network interface.
-iface: specifies the interface to bind to (here, eth0).
Type net.probe on and press Enter. This module will send different types of probe packets to each IP in the current subnet for the net.recon module to detect them.
Type net.recon on and press Enter. This module is responsible for periodically reading the system ARP table to detect new hosts on the network.
The net.recon module displays the detected active IP addresses in the network. In real-time, this module will start sniffing network packets.
Type net.sniff on and press Enter. This module is responsible for performing sniffing on the network.
You can observe that bettercap starts sniffing network traffic on different machines in the network, as shown in the screenshot.
A huge number of Arp requests, indicate attack in progress.
