GitHub

Resurrection and enhancements of Dug Song's all-time-classic network sniffer:

Hides the command line options (ENV_ARGS=) from the process list (ps).
Decodes SNI and SSH-banners (-v).
HTTP parsing improvements & Cookie logging.
No duplicates: Reports each result only once.
Stand-alone & static binary (no need for dsniff.magic/dsniff.services)
Deep-Packet-Inspection (-m). Port agnostic.

Download the Pre Compiled Static Binary for Linux, FreeBSD and OpenBSD.

Run (example):

export ENV_ARGS="-i eth0 -P -v -m" # hide options from the process list
./dsniff

The reason why I prefer dsniff over most others:

The results give a quick overview who/where SSL/SSH is being used.
It logs Cookies and Session IDs.
It shows plaintext HTTP Location: redirects to HTTPS.
It shows WireGuard or SSH on non-default ports (like port 31337). Those tend to be worthy admins.

Compile:

./configure --enable static && make dsniff

Compare original: Diff
Original README

Similar tools:

Name		Name	Last commit message	Last commit date
Latest commit History 92 Commits
.github/workflows		.github/workflows
debian		debian
missing		missing
.gitignore		.gitignore
CHANGES		CHANGES
LICENSE		LICENSE
Makefile.in		Makefile.in
README		README
README.md		README.md
TODO		TODO
acconfig.h		acconfig.h
arp.c		arp.c
arp.h		arp.h
arpspoof.8		arpspoof.8
arpspoof.c		arpspoof.c
asn1.c		asn1.c
asn1.h		asn1.h
base64.c		base64.c
base64.h		base64.h
buf.c		buf.c
buf.h		buf.h
config.h.in		config.h.in
configure		configure
configure.ac		configure.ac
crc32.c		crc32.c
crc32.h		crc32.h
decode.c		decode.c
decode.h		decode.h
decode_aim.c		decode_aim.c
decode_citrix.c		decode_citrix.c
decode_cvs.c		decode_cvs.c
decode_ftp.c		decode_ftp.c
decode_hex.c		decode_hex.c
decode_http.c		decode_http.c
decode_icq.c		decode_icq.c
decode_imap.c		decode_imap.c
decode_irc.c		decode_irc.c
decode_ldap.c		decode_ldap.c
decode_mmxp.c		decode_mmxp.c
decode_mountd.c		decode_mountd.c
decode_napster.c		decode_napster.c
decode_nntp.c		decode_nntp.c
decode_oracle.c		decode_oracle.c
decode_ospf.c		decode_ospf.c
decode_pcanywhere.c		decode_pcanywhere.c
decode_pop.c		decode_pop.c
decode_portmap.c		decode_portmap.c
decode_postgresql.c		decode_postgresql.c
decode_pptp.c		decode_pptp.c
decode_rip.c		decode_rip.c
decode_rlogin.c		decode_rlogin.c
decode_smb.c		decode_smb.c
decode_smtp.c		decode_smtp.c
decode_sni.c		decode_sni.c
decode_sniffer.c		decode_sniffer.c
decode_snmp.c		decode_snmp.c
decode_socks.c		decode_socks.c
decode_ssh.c		decode_ssh.c
decode_tds.c		decode_tds.c
decode_telnet.c		decode_telnet.c
decode_vrrp.c		decode_vrrp.c
decode_x11.c		decode_x11.c
decode_yp.c		decode_yp.c
dnsspoof.8		dnsspoof.8
dnsspoof.c		dnsspoof.c
dnsspoof.hosts		dnsspoof.hosts
dsniff.8		dsniff.8
dsniff.c		dsniff.c
dsniff.magic		dsniff.magic
dsniff.services		dsniff.services
dsniff_magic.h		dsniff_magic.h
dsniff_services.h		dsniff_services.h
env2argv.c		env2argv.c
env2argv.h		env2argv.h
filesnarf.8		filesnarf.8
filesnarf.c		filesnarf.c
hex.c		hex.c
hex.h		hex.h
install-sh		install-sh
macof.8		macof.8
macof.c		macof.c
magic.c		magic.c
magic.h		magic.h
mailsnarf.8		mailsnarf.8
mailsnarf.c		mailsnarf.c
mount.c		mount.c
mount.h		mount.h
mount.x		mount.x
msgsnarf.8		msgsnarf.8
msgsnarf.c		msgsnarf.c
nfs_prot.c		nfs_prot.c
nfs_prot.h		nfs_prot.h
nfs_prot.x		nfs_prot.x
options.h		options.h
pathnames.h		pathnames.h
pcaputil.c		pcaputil.c
pcaputil.h		pcaputil.h
record.c		record.c
record.h		record.h
remote.c		remote.c

License

hackerschoice/dsniff

Folders and files

Latest commit

History