Resurrection and enhancements of Dug Song's all-time-classic network sniffer:
- Hides the command line options (
ENV_ARGS=
) from the process list (ps
). - Decodes SNI and SSH-banners (
-v
). - HTTP parsing improvements & Cookie logging.
- No duplicates: Reports each result only once.
- Stand-alone & static binary (no need for dsniff.magic/dsniff.services)
- Deep-Packet-Inspection (
-m
). Port agnostic.
Download the Pre Compiled Static Binary for Linux, FreeBSD and OpenBSD.
Run (example):
export ENV_ARGS="-i eth0 -P -v -m" # hide options from the process list
./dsniff
The reason why I prefer dsniff over most others:
- The results give a quick overview who/where SSL/SSH is being used.
- It logs Cookies and Session IDs.
- It shows plaintext HTTP
Location:
redirects to HTTPS. - It shows WireGuard or SSH on non-default ports (like port 31337). Those tend to be worthy admins.
Compile:
./configure --enable static && make dsniff
Compare original: Diff
Original README
Similar tools: