BetterCAP is a powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in realtime, sniff for credentials and much more.
he biggest change in this version has been in the underlying technology. Bettercap switched from a Ruby application, to a compiled Go application. Go’s amazing concurrency mechanisms allows bettercap 2.0 to run on low end hardware while proxying hundreds of connections per second and forwarding tens of hundred of packets. Memory and CPU usage are now extremely optimized and you can run several instances of bettercap on your Raspberry Pi (laptop, router, or whatever … quite literally) and your CPU cores won’t even get to 20% unless you’re attacking a huge subnet. You can monitor LAN events in real time, while scanning for WiFi access points, attacking BLE devices nearby – super fast, on low end hardware. Bettercap is now a single binary with zero dependencies (or just libpcap.so on some platforms) that you can just drop on a router/server/whatever. New version supports Windows, macOS, Android, Linux (arm, mips, mips64, etc) and soon iOS
How to Install
A precompiled version is available for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary.
Make sure you have a correctly configured Go >= 1.8 environment, that
$GOPATH/bin is in
$PATH and the
libpcap-devpackage installed for your system, then:
$ go get github.com/bettercap/bettercap
This command will download bettercap, install its dependencies, compile it and move the
bettercap executable to
Now you can use
sudo bettercap -h to show the basic command line options and just
sudo bettercap to start aninteractive session on your default network interface, otherwise you can load a caplet from the dedicated repository.
In order to update to an unstable but bleeding edge release from this repository, run the command below:
$ go get -u github.com/bettercap/bettercap