Responder- MITM and Network Spoofing Tool

Responder is a tool from SpiderLabs that can be used during a pentest for spoofing and network man-in-the-middle attacks. Initially the utility comes to spoof special network protocols for resolving hostnames such as NBNS which is similar to DNS service. Now responder can be used against many advanced protocols including DNS , ICMP redirect ,SMB Relay and more.

Beside spoofing Responder may include fake services that emulate protocols and listen on ports to have all user activity. Emulated services include HTTP, SMB, MS SQL, FTP , LDAP, SMTP, POP3.  This obviously will help in getting passwords in plain text and the authentication credential for NTLM service.

All type of authentication are supported in this tool to make it a good match for the MITM attack it is based on python and have several scripts that can be used to target any service. you can customize the settings according to your need.

responderscreenshot for responder options

You can find the tool description and usage from this link:

Notify of
Inline Feedbacks
View all comments