Hello, everyone. This is IRISnoir from Hackingarise. How are you all today. I’m here with another tutorial. This time, I will discuss about Bettercap.

Overview:
Bettercap is the Swiss Army knife for WiFi, Bluetooth Low Energy, wireless HID hijacking and Ethernet networks reconnaissance and MITM attacks. It is capable of doing multiple network scans, attacks, spoof, etc..

Install it with:
apt install bettercap
You also need to root your device. When you’re done rooting, use:
apt install tsu

Then, to use it, use:
tsudo bettercap

It should open up a CLI interface for you. Use the ‘help’ command. From there, you can see a list of commands and available modules.

Each modules serves a different purpose. For example, to enable arp.spoof, use:
arp.spoof on

In them, there are variables which you can set to alter your results. For example, to view the definable variables of net.sniff, type:
help net.sniff
This will display all available commands and variables with will have description written on them with full details.

You might want to alter some of the variables. For example, to set the variable: net.sniff.local to true, use this:
set net.sniff.local true
Here is some examples:

To make Bettercap sniff the network like Wireshark. The order is:

set net.sniff.local true
set net.sniff.verbose true
set net.sniff.filter ""
net.sniff on

Another function is to ban user connectivity with Address Resolution Protocol packets. The command is simple:
arp.ban on
And you’re good.

Next is wifi recon. This is something that only works on machines that uses wifi adapters which supports packet injection and monitor mode.
wifi.recon on

You can do many stuff with bettercap. This is just an overview of the tool. I hope you like this post I made. Remember, Hackingarise is intended to be educational. We won’t be responsible for any of your malicious acts. Thank you for reading, stay safe, stay ethical.

Leave a Reply