BetterCAP alternatives

Looking for an alternative tool to replace BetterCAP? During the review of BetterCAP we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Bowcaster (exploit development framework)
  2. fsociety (penetration testing framework)
  3. Kitty (fuzzing framework)

These tools are ranked as the best alternatives to BetterCAP.

Alternatives (by score)

60

Bowcaster

Introduction

Bowcaster is a framework to create exploits. It is written in Python and comes with a set of tool and modules to help exploit development.

Project details

Bowcaster is written in Python.

Strengths and weaknesses

  • + The source code of this software is available
  • - No updates for a while

Typical usage

  • Exploit development
  • Penetration testing

Bowcaster review

64

fsociety

Introduction

The fsociety toolkit is a penetration framework containing other security tools. The project states that is includes all the tools that are used in the Mr. Robot tv series.

Project details

fsociety is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available
  • - Full name of author is unknown

Typical usage

  • Penetration testing
  • Security assessment

fsociety review

60

Kitty

Introduction

Kitty is a framework for those who want to do fuzzing unusual targets, like proprietary protocols. Although Kitty itself is not a fuzzing tool, it allows one to build a fuzzing tool.

Project details

Kitty is written in Python.

Strengths and weaknesses

  • + The source code of this software is available

    Typical usage

    • Application fuzzing

    Kitty review

    76

    Malice

    Introduction

    Malice is a malware analysis that wants to provide a free and open source version of VirusTotal. The goal of Malice is to make it usable by both independent researchers up to fortune 500 companies.

    Malice is useful for those that do malware analysis or deal with user-generated files that may contain malware. The framework allows scanning files and directories to see if they are infected.

    Project details

    Malice is written in Golang.

    Strengths and weaknesses

    • + More than 500 GitHub stars
    • + The source code of this software is available

      Typical usage

      • Malware analysis
      • Malware detection
      • Malware research
      • Malware scanning

      Malice review

      74

      Metasploit Framework

      Introduction

      Metasploit is a framework that consists of tools to perform security assignments. It focuses on the offensive side of security and leverages exploit modules.

      Project details

      Metasploit Framework is written in Ruby.

      Strengths and weaknesses

      • + More than 400 contributors
      • + More than 9000 stars
      • + Many maintainers
      • + The source code of this software is available
      • + Supported by a large company
      • + Well-known tool

        Typical usage

        • Penetration testing
        • Security assessment
        • Vulnerability scanning

        Metasploit Framework review

        88

        OWTF (Offensive Web Testing Framework)

        Introduction

        OWTF is short for Offensive Web Testing Framework and it is one of the many OWASP projects to improve security.

        Project details

        OWTF is written in Python.

        Strengths and weaknesses

        • + More than 25 contributors
        • + More than 500 GitHub stars
        • + The source code of this software is available

          Typical usage

          • Penetration testing
          • Security assessment

          OWTF review

          93

          Pocsuite

          Introduction

          Pocsuite is a remote vulnerability testing and development framework. It can be used by penetration testers and vulnerability researchers.

          Project details

          Pocsuite is written in Python.

          Strengths and weaknesses

          • + More than 10 contributors
          • + More than 1000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Vulnerability development
            • Vulnerability testing

            Pocsuite review

            70

            Viper

            Introduction

            Viper organizes the malware samples and exploits you found over time. It calls itself "Metasploit for malware researchers". Viper has a terminal interface to store, search and analyze files. As it is a framework, is also allows you to create your plugins.

            Project details

            63

            ArpON

            Introduction

            ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

            The tool works by using three types of inspection to detect a related attack.

            • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
            • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
            • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

            Project details

            ArpON is written in C.

            Strengths and weaknesses

            • + The source code of this software is available

              ArpON review

              63

              DNSChef

              Introduction

              DNSChef is a DNS proxy that can be used terminate or intercept traffic for DNS traffic. This might be useful during a penetration test or when researching malware and manipulate the actual DNS responses.

              Project details

              78

              mitmproxy (mitmproxy)

              Introduction

              The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS.

              Project details

              mitmproxy is written in Python.

              Strengths and weaknesses

              • + More than 200 contributors
              • + More than 10000 GitHub stars
              • + The source code of this software is available

                Typical usage

                • Network analysis
                • Penetration testing
                • Security assessment

                mitmproxy review

                60

                Nili

                Introduction

                This tool performs multiple types of scanning and attacks, which can be useful during penetration tests and security assignments.

                Project details

                Nili is written in Python.

                Strengths and weaknesses

                • + The source code of this software is available

                  Typical usage

                  • Network scanning
                  • Penetration testing
                  • Security assessment

                  Nili review

                  64

                  Seth

                  Introduction

                  Seth is a security tool to perform a man-in-the-middle (MitM) attack and extract clear text credentials from RDP connections.

                  Project details

                  Seth is written in Python, shell script.

                  Strengths and weaknesses

                  • + The source code of this software is available

                    Typical usage

                    • Penetration testing
                    • Security assessment

                    Seth review

                    60

                    SSH MITM

                    Introduction

                    This tool would most likely be used to intercept traffic during security assessments. Plaintext passwords and session data can be intercepted with it.

                    Project details

                    SSH MITM is written in Python.

                    Strengths and weaknesses

                    • + More than 1000 GitHub stars
                    • + The source code of this software is available

                      Typical usage

                      • Password discovery
                      • Security assessment
                      • Session hijacking

                      SSH MITM review

                      60

                      sslcaudit

                      Introduction

                      Sslcaudit is a tool that focuses on the niche of testing SSL/TLS clients.

                      Project details

                      sslcaudit is written in Python.

                      Strengths and weaknesses

                      • + The source code of this software is available

                        Typical usage

                        • Security assessment
                        • Software testing

                        sslcaudit review

                        81

                        SSLsplit

                        Introduction

                        SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.

                        SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension. SSLsplit fully supports Server Name Indication (SNI) and is able to work with RSA, DSA and ECDSA keys and DHE and ECDHE cipher suites. Depending on the version of OpenSSL, SSLsplit supports SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2, and optionally SSL 2.0 as well. SSLsplit can also use existing certificates of which the private key is available, instead of generating forged ones. SSLsplit supports NULL-prefix CN certificates and can deny OCSP requests in a generic way. For HTTP and HTTPS connections, SSLsplit removes response headers for HPKP in order to prevent public key pinning, for HSTS to allow the user to accept untrusted certificates, and Alternate Protocols to prevent switching to QUIC/SPDY. As an experimental feature, SSLsplit supports STARTTLS mechanisms in a generic manner.

                        Project details

                        SSLsplit is written in C.

                        Strengths and weaknesses

                        • + The source code of this software is available

                          Typical usage

                          • Learning
                          • Network analysis
                          • Penetration testing
                          • Security assessment

                          SSLsplit review

                          Some relevant tool missing as an alternative to BetterCAP? Please contact us with your suggestion.