Packages and Binaries:

above

This package contains an invisible protocol sniffer for finding vulnerabilities in the network, designed for pentesters and security professionals.

It is based entirely on network traffic analysis, so it does not make any noise on the air. Above allows pentesters to automate the process of finding vulnerabilities in network hardware. Discovery protocols, dynamic routing, FHRP, STP, LLMNR/NBT-NS, etc.

The tool can also both listen to traffic on the interface and analyze already existing pcap files.

Installed size: 1.42 MB
How to install: sudo apt install above

above

root@kali:~# above -h
                                             
      ___  _                    
     / _ \| |                   
    / /_\ \ |__   _____   _____ 
    |  _  | '_ \ / _ \ \ / / _ \
    | | | | |_) | (_) \ V /  __/
    \_| |_/_.__/ \___/ \_/ \___|
    
    Invisible network protocol sniffer. Designed for security engineers

    Author: Magama Bazarov, <[email protected]>
    Alias: Caster
    Version: 2.8
    Codename: Rubens Barrichello

    [!] Above does NOT perform MITM or credential capture. Passive analysis only
    [!] Unauthorized use in third-party networks may violate local laws
    [!] The developer assumes NO liability for improper or illegal use

    [*] OUI Database Loaded. Entries: 36858
usage: above [-h] [--interface INTERFACE] [--timer TIMER] [--output OUTPUT]
             [--input INPUT] [--passive-arp] [--search-vlan]

options:
  -h, --help            show this help message and exit
  --interface INTERFACE
                        Interface for traffic listening
  --timer TIMER         Time in seconds to capture packets, default: not set
  --output OUTPUT       File name where the traffic will be recorded, default:
                        not set
  --input INPUT         File name of the traffic dump
  --passive-arp         Passive ARP (Host Discovery)
  --search-vlan         VLAN Search