bettercap ☆

« Back to VersTracker

Description:
Swiss army knife for network attacks and monitoring

Type: Formula | Latest Version: 2.41.5@0 | Tracked Since: Dec 17, 2025

Links: Homepage | @bettercap | formulae.brew.sh

Category: Security

Tags: security networking penetration-testing mitm packet-sniffing

Install: brew install bettercap

About:
BetterCap is a powerful, modular, and portable framework for performing Man-in-the-Middle (MitM) attacks, network discovery, and traffic manipulation. It allows security professionals to sniff, intercept, and modify network packets in real-time. Its primary value is providing a comprehensive suite of network security testing tools in a single, easy-to-use application.

Key Features:

Real-time network traffic sniffing and analysis
ARP, DNS, and HTTPS spoofing capabilities
WiFi network scanning and attacks (handshake capture, etc.)
Modular architecture for custom scripting and extensions

Use Cases:

Penetration testing and red teaming to assess network security
Debugging network protocols and analyzing application traffic
Educational purposes for learning about network vulnerabilities

Alternatives:

Ettercap – Ettercap is a classic tool for MitM attacks, but BetterCap is considered more modern, actively maintained, and has a more flexible, modular architecture.
Wireshark – Wireshark is primarily a passive network protocol analyzer, whereas BetterCap is an active framework designed to intercept, modify, and inject packets.

License: GPL-3.0-only

Dependencies: libusb, libnetfilter-queue

Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, sonoma, arm64_linux, x86_64_linux

Important Notes:

bettercap requires root privileges so you will need to run `sudo bettercap`.
You should be certain that you trust any software you grant root privileges.

Version History

Detected	Version	Rev	Change	Commit
Sep 13, 2025 11:51am		0	VERSION_BUMP	8fb9da94