Home network intelligence and control toolkit.
Twenty-two Python modules for LAN reconnaissance, MITM, traffic analysis, device control, and WiFi attack surface. ARP spoof with automatic tcpdump capture, DNS query extraction from pcap, HTTP response injection, RTSP camera discovery, MQTT IoT manipulation, UPnP NAT traversal, BLE scanning, and 802.11 deauth/PMKID/handshake capture/evil twin attacks. All commands require root (raw socket access). Scapy for packet crafting, nmap for port scanning, tcpdump for capture.
scroll to access
Kill_Chain_Position
Capabilities
ARP scan + mDNS + SSDP
Multi-protocol device discovery with concurrent ARP, mDNS PTR, and UPnP M-SEARCH; merged inventory with MAC OUI vendor lookup
ARP spoof MITM + capture
Bidirectional ARP poisoning with automatic IP forwarding toggle; spawning tcpdump subprocess for full pcap; graceful ARP restore on exit
DNS query analysis
DNS request extraction from live sniff or saved pcap via scapy rdpcap; per-device query summary with domain categorization
HTTP sniffing + injection
Passive HTTP host/URL/UA logging + TLS SNI extraction; active response injection: BeEF hook, keylogger, redirect
Device control (iptables/tc)
Block/unblock devices via iptables DROP rules; bandwidth limit via tc qdisc; full reset to restore connectivity
MQTT IoT enumeration + injection
MQTT broker scan, topic enumeration, live message listening, and arbitrary topic publish for IoT device control
BLE scan + GATT read/write
Bluetooth Low Energy device discovery via bleak; service/characteristic enumeration; read values and write to writable characteristics
WiFi attack suite
802.11 deauth injection, WPA2 PMKID capture, 4-way handshake capture, rogue AP with captive portal, evil twin detection via BSSID comparison
Architecture
Python 3.11+ with 7 runtime deps: scapy (packet crafting/sniffing), typer (CLI), rich (terminal output), python-nmap (nmap wrapper with XML parsing), bleak (BLE), paho-mqtt (MQTT), requests (HTTP). Thirty-two Typer CLI subcommands organized into discovery, MITM, traffic analysis, device control, HTTP injection, RTSP, MQTT, UPnP, BLE, RF, and WiFi groups. Core utilities: iface.py auto-detects IP/MAC/gateway/subnet from /proc/net/route; vendor.py looks up MAC OUI from /usr/share/ieee-data/oui.txt with embedded fallback table; logger.py outputs structured JSON logs. All commands require sudo (raw socket access) with explicit RuntimeError if socket fails with EPERM. ARP restore in mitm.py always executes via try/finally.
Engagement_Types
Also_In_The_Suite
Secure_Channel
All work requires a signed scope document. Initial contact is encrypted. Response within 48h.
INITIALIZE_CONTACT