{"id":13700905,"url":"https://github.com/codeexpress/respounder","last_synced_at":"2026-01-16T23:11:52.891Z","repository":{"id":44101404,"uuid":"120255758","full_name":"codeexpress/respounder","owner":"codeexpress","description":"Respounder detects presence of responder in the network.","archived":false,"fork":false,"pushed_at":"2019-06-15T07:51:13.000Z","size":17,"stargazers_count":316,"open_issues_count":1,"forks_count":38,"subscribers_count":17,"default_branch":"master","last_synced_at":"2025-05-04T19:39:01.528Z","etag":null,"topics":["attack-defense","attack-prevention","blue-team","computer-security","golang","hackers","llmnr","network-security","network-security-monitoring","responder"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/codeexpress.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-02-05T04:42:14.000Z","updated_at":"2025-03-30T15:19:11.000Z","dependencies_parsed_at":"2022-09-21T09:54:24.490Z","dependency_job_id":null,"html_url":"https://github.com/codeexpress/respounder","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/codeexpress/respounder","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codeexpress%2Frespounder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codeexpress%2Frespounder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codeexpress%2Frespounder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codeexpress%2Frespounder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/codeexpress","download_url":"https://codeload.github.com/codeexpress/respounder/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codeexpress%2Frespounder/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28487308,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-16T22:54:02.790Z","status":"ssl_error","status_checked_at":"2026-01-16T22:50:10.344Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["attack-defense","attack-prevention","blue-team","computer-security","golang","hackers","llmnr","network-security","network-security-monitoring","responder"],"created_at":"2024-08-02T20:01:07.011Z","updated_at":"2026-01-16T23:11:52.842Z","avatar_url":"https://github.com/codeexpress.png","language":"Go","funding_links":[],"categories":["Go","安全监控","Security monitoring"],"sub_categories":["网络安全监控（NSM）","Network Security Monitoring (NSM)"],"readme":"\u003cimg src=\"https://i.imgur.com/o1Gya0D.png\" width=300px /\u003e\n\n# res·pound·er\n   \u003cspan\u003e/rɪˈspaʊnd dər/\u003c/span\u003e\u003c/span\u003e\n   \u003ci\u003enoun\u003c/i\u003e\n   \u003cul\u003e\n   \u003cli\u003e\n   \u003cdiv style=\"margin-left:10px; display:inline;\"\u003e\n   A tool that detects presence of a \u003ca href=https://github.com/SpiderLabs/Responder\u003eResponder\u003c/a\u003e in the network\n   \u003c/div\u003e\n   \u003c/li\u003e\n   \u003cli\u003e\n   \u003cdiv style=\"margin-left:10px; display:inline;\"\u003e\n   Identifies compromised machines before hackers run away with the loot (hashes)\n   \u003c/div\u003e\n   \u003c/li\u003e\n   \u003c/ul\u003e\n\n   Respounder sends LLMNR name resolution requests for made-up hostnames that do not exist.\n   In a normal non-adversarial network we do not expect such names to resolve.\n   However, a responder, if present in the network, will resolve such queries\n   and therefore will be forced to reveal itself.\n\n## Download\n\n### Latest Releases\nRespounder is available for 32/64 bit linux, OS X and Windows systems.\nLatest versions can be downloaded from the\n[Release](https://github.com/codeexpress/respounder/releases) tab above.\n\n### Build from source\nThis is a golang project with no dependencies. Assuming you have golang compiler installed,\nthe following will build the binary from scratch\n```\n$ git clone https://github.com/codeexpress/respounder\n$ cd respounder\n$ go build -o respounder respounder.go\n```\n\n## Usage\n\nRunning `respounder` is as simple as invoking it on the command line.\nExample invocation:\n```bash\n$ ./respounder\n\n\n     .´/\n    / (           .----------------.\n    [ ]░░░░░░░░░░░|// RESPOUNDER //|\n    ) (           '----------------'\n    '-'\n\n[wlan0]    Sending probe from 192.168.0.19...   responder not detected\n[vmnet1]   Sending probe from 172.16.211.1...   responder not detected\n[vmnet8]   Sending probe from 172.16.55.1...    responder detected at 172.16.55.128\n```\n\n### Flags\n\n```\n$ ./respounder [-json] [-debug] [-hostname testhostname | -rhostname]\n\nFlags:\n  -json\n        Prints a JSON to STDOUT if a responder is detected on\n        the network. Other text is sent to STDERR\n  -debug\n        Creates a debug.log file with a trace of the program\n  -interface string\n        Interface where responder will be searched (eg. eth0).\n        Not specifying this flag will search on all interfaces.\n  -hostname string\n        Hostname to search for (default \"aweirdcomputername\")\n  -rhostname\n        Searches for a hostname comprised of random string instead\n        of the default hostname (\"aweirdcomputername\")\n```\n\n### Typical usage scenario\n\n#### Personal\nDetect rogue hosts running responder on public Wi-Fi networks\ne.g. like airports, cafés and avoid joining such networks\n(especially if you are running windows OS)\n\n#### Corporate\nDetect network compromises as soon as they happen by running respounder\nin a loop\n\nFor eg. the following `crontab` runs respounder every minute and logs a JSON file to syslog\nwhenever a responder is detected.\n```bash\n* * * * * /path/to/respounder -json | /usr/bin/logger -t responder-detected\n```\n\nExample `syslog` entry:\n```bash\ncode@express:~/$ sudo tail -f /var/log/syslog\nFeb  9 03:44:07 responder-detected: [{\"interface\":\"vmnet8\",\"responderIP\":\"172.16.55.128\",\"sourceIP\":\"172.16.55.1\"}]\n```\n\n## Demo\n![Respounder in action](https://i.imgur.com/ymcDRnJ.gif)\n\n## Coming Up Next: Android App\nThere are plans to port this tool to an android app so that adversarial Wi-Fi networks\n(eg. WiFi Pineapple or WiFi Pumpkin running responder) can be\ndetected right from a mobile phone.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodeexpress%2Frespounder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcodeexpress%2Frespounder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodeexpress%2Frespounder/lists"}