NetRipper – Smart Traffic Sniffing for Penetration Testers

During penetration testing sniffing network traffic can allow to discover non encrypted traffic or service that are encrypted with weak cipher and this is usually do not require making a scan or fingerprinting remote systems. If you are looking to capture network traffic you can check NetRipper.

NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption.

The tool should be able to capture network traffic from: Putty, WinSCP, SQL Server Management Studio, Lync (Skype for Business), Microsoft Outlook, Google Chrome, Mozilla Firefox. The list is not limited to these applications but other tools may require special support.

NetRipper with Metasploit

NetRipper with Metasploit

You can download this tool over here:

Notify of
Inline Feedbacks
View all comments