Skip to content
This is a tool to hijack and manipulate active web sessions
Python JavaScript Other
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Build Status

Theseus v1.2


Theseus is a Man-In-The-Middle (MITM) attack tool that is capable of hijacking HTTP sessions and then forcing html, css, javacript, images on to the target's browser screen.

With this tool you will not have to worry about having to setup the arpspoof or dnspoof yourself - Theseus will even get the targets mac address for you!


First you need to clone a copy of the code to your local machine:

$ git clone

Then you will need to install the dependecies for Theseus by running:

$ chmod +x configure
$ ./configure

Running Theseus

To attack a target all you need to know is their IP address, which can be easily obtained with a simple nmap scan of the network or an arp netdiscover scan:

$ nmap 192.168.1.*
$ netdiscover

Once you have your targets IP address you can now run Theseus against them.


Some of the unrequired options are:


This command will send a discreet arp ping to the victim before it starts the attack in order to gain its mac address


This command will tell Theseus to open up the server/Payloads dircetory as the root of the webserver and therefore will force any website inside this folder onto the victims. The main file must be called 'payload.html' so Theseus knows wich file to send first


This command accepts one argument either 'arp, icmp, dhcp' (only arp is working currently) and will tell Theseus how to become the mitm


This will tell Theseus the gateway ip address to attack


python3 --target <target ip address> --arp-ping --iface <interface> --force-content --spoof arp --gateway <gateway ip address>
You can’t perform that action at this time.