bettercap
« Back to VersTracker
Description:
Swiss army knife for network attacks and monitoring
Type: Formula  |  Latest Version: 2.41.5@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  @bettercap  |  formulae.brew.sh
Category: Security
Tags: security networking penetration-testing mitm packet-sniffing
Install: brew install bettercap
About:
BetterCap is a powerful, modular, and portable framework for performing Man-in-the-Middle (MitM) attacks, network discovery, and traffic manipulation. It allows security professionals to sniff, intercept, and modify network packets in real-time. Its primary value is providing a comprehensive suite of network security testing tools in a single, easy-to-use application.
Key Features:
  • Real-time network traffic sniffing and analysis
  • ARP, DNS, and HTTPS spoofing capabilities
  • WiFi network scanning and attacks (handshake capture, etc.)
  • Modular architecture for custom scripting and extensions
Use Cases:
  • Penetration testing and red teaming to assess network security
  • Debugging network protocols and analyzing application traffic
  • Educational purposes for learning about network vulnerabilities
Alternatives:
  • Ettercap – Ettercap is a classic tool for MitM attacks, but BetterCap is considered more modern, actively maintained, and has a more flexible, modular architecture.
  • Wireshark – Wireshark is primarily a passive network protocol analyzer, whereas BetterCap is an active framework designed to intercept, modify, and inject packets.
License: GPL-3.0-only
Dependencies: libusb, libnetfilter-queue
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux
Important Notes:
bettercap requires root privileges so you will need to run `sudo bettercap`.
You should be certain that you trust any software you grant root privileges.
Version History
Detected Version Rev Change Commit
Sep 13, 2025 11:51am 0 VERSION_BUMP 8fb9da94