LinuxCommandLibrary

bettercap

Perform network and WiFi security attacks

SYNOPSIS

bettercap [options]

PARAMETERS

-iface <interface>
    Specify the network interface to bind to (e.g., wlan0)

-caplet <caplet[:args]>
    Load and execute a caplet file or remote caplet with arguments

-eval <command>
    Evaluate the given commands before starting

-T <target>
    Specify a target host IP or CIDR range

-proxy-module <module>
    Enable the specified proxy module (e.g., http.proxy)

-no-discovery
    Disable host discovery at startup

-no-summary
    Disable the endpoint summary at startup

-no-colors
    Disable colored output

--proxy-script <script>
    Load a JavaScript proxy script

-h, --help
    Show help message and exit

-v, --version
    Show version information

DESCRIPTION

Bettercap is a powerful, next-generation interactive framework designed for network penetration testing and security assessments. It acts as a Swiss Army knife for modern networks, supporting WiFi (802.11), Bluetooth Low Energy, and Ethernet environments. Key capabilities include network sniffing, packet injection, Man-in-the-Middle (MITM) attacks, ARP/DNS spoofing, SSL stripping, and traffic analysis.

Unlike traditional tools, bettercap features a modular architecture with a built-in web-based UI for real-time visualization and control. It supports caplets—pre-configured scripts for common attacks like beef-xss or hstshijack—and an interactive Ruby-like console for scripting. Written in Go, it's cross-platform (Linux, macOS, Windows, Android) and actively maintained.

Primarily used by ethical hackers and red teams, it excels in wireless auditing (e.g., deauthentication, PMKID attacks), BLE reconnaissance, and wired network exploitation. Always use responsibly in authorized environments only.

CAVEATS

Requires root privileges; potential for network disruption or detection by IDS/IPS; for authorized pentesting only—illegal use violates laws like CFAA.

INSTALLATION

Install via apt on Kali/Debian: sudo apt install bettercap; or Go: go install github.com/bettercap/bettercap@latest.

BASIC USAGE

Run sudo bettercap -iface wlan0 for interactive mode; use net.probe on; net.show in console for discovery.

HISTORY

Originally developed in Ruby by Simone Margaritelli (evilsocket) as BetterCAP v1 in 2014 for WiFi auditing. Rewritten in Go as v2 in 2017 for better performance and modularity. Now at v2.32+ with Bluetooth support, web UI, and community caplets. Widely used in Kali Linux tools suite.

SEE ALSO

wireshark(1), airodump-ng(1), tcpdump(1), arpspoof(8)

Copied to clipboard