CAPitan

CAPitan is a scriptable web UI based network sniffer, ARP scanner and spoofing build for being lightweight and easy to config.

Installation

First install libpcap if you are on Linux or npcap if your are on windows. Then...

go install github.com/shoriwe/CAPitan/cmd/capitan@latest

Preview

To start CAPitan in memory mode at 127.0.0.1:8080 execute:

capitan memory

Then you can visit it from the url

http://127.0.0.1:8080

For more options check:

capitan memory -h

capitan help

The default credentials to login in the memory mode are:

Username: admin

Password: admin

Network packet capture

Listing old captures

Creating new captures

Importing pcap files

Looking at results

TCP streams

Packets captured

Topology

Packets send per host count

Layer 4 type count

TCP stream content types

ARP Scanner

List old scans

Start new scan

ARP Spoofing

Documentation

You can check the documentation of the scripting language plasma.

Then for the scripting functionality of the Network packet sniffer you can check here.

For the scripting functionality of the ARP scanner check here.

Important note

The entire application is filled with XSS holes that I'm still patching, so you are advised.