This project is an ARP spoofing tool written in Rust that allows security researchers to capture ARP traffic on a network, carry out ARP spoofing attacks, and conduct in-depth analysis of ARP spoofing-related activities. Here is a summary of the main modules and functions of this tool:
This project is currently in development.
This module is responsible for capturing and recording ARP traffic on the network.
-
capture_arp_packets: Initiates the capture of ARP packets on the network. -
get_victim_mac(ip_address): Retrieves the MAC address of a victim based on their IP address. -
get_router_mac(): Obtains the MAC address of the router or gateway on the network. -
log_arp_packet(packet): Logs and stores captured ARP packets. -
analyze_arp_traffic(packets): Performs an analysis of captured ARP packets to detect suspicious patterns.
This module is responsible for creating and sending fake ARP packets in the network.
-
craft_arp_packet(src_mac, src_ip, target_mac, target_ip): Creates fake ARP packets with custom MAC and IP addresses. -
send_arp_packet(packet): Sends fake ARP packets to victims and the router. -
restore_arp_table(victim_mac, victim_ip, router_mac, router_ip): Restores the ARP table of victims and the router to their original state when necessary.
This module automates the ARP spoofing process between the victim and the attacker.
-
arp_spoof_victim(victim_ip, victim_mac): Initiates ARP spoofing for the victim. -
arp_spoof_router(router_ip, router_mac): Spoofs the router's MAC address to victims. -
arp_spoof_cleanup(): Safely stops and reverses ARP spoofing.
This module is responsible for registering and analyzing ARP spoofing-related activities.
-
log_arp_spoofing_activity(activity): Records ARP spoofing activities performed during the investigation. -
analyze_arp_spoofing_effects(effects): Evaluates the impact of ARP spoofing attacks on the network.
This module implements techniques for detecting and preventing ARP spoofing attacks.
-
detect_arp_spoofing(): Detects ARP spoofing on the network using techniques such as monitoring the ARP table and MAC address comparison. -
prevent_arp_spoofing(): Implements measures to prevent or mitigate ARP spoofing attacks on the network.
This project provides a comprehensive tool for security researchers and network professionals looking to explore and protect their networks against ARP spoofing attacks.