{"id":22957954,"url":"https://github.com/sergio11/blackvenom","last_synced_at":"2025-06-21T23:33:27.600Z","repository":{"id":90143721,"uuid":"60959042","full_name":"sergio11/blackvenom","owner":"sergio11","description":"BlackVenom is a personal project designed for ethical ARP and DNS spoofing πŸ›‘οΈ. It helps cybersecurity professionals practice network traffic interception and vulnerability identification πŸ“„, all while adhering to ethical hacking standards βš–οΈ. Ideal for learning and enhancing network security skills.","archived":false,"fork":false,"pushed_at":"2025-04-19T10:01:32.000Z","size":2813,"stargazers_count":17,"open_issues_count":0,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-04-19T16:00:08.532Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sergio11.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2016-06-12T09:35:16.000Z","updated_at":"2025-04-19T10:01:36.000Z","dependencies_parsed_at":"2025-04-10T19:25:04.005Z","dependency_job_id":"27dd5099-3fc0-4bd0-8f21-6eb4035eaa4e","html_url":"https://github.com/sergio11/blackvenom","commit_stats":null,"previous_names":["sergio11/blackvenom"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sergio11/blackvenom","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fblackvenom","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fblackvenom/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fblackvenom/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fblackvenom/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sergio11","download_url":"https://codeload.github.com/sergio11/blackvenom/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sergio11%2Fblackvenom/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261211570,"owners_count":23125537,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["arp-poisoning","arp-spoofing","cibersecurity","dns-spoofing","ethical-hacking","ethical-hacking-tools","kali-linux","man-in-the-middle","netfilter-queue","network-security","network-traffic-analysis","pcap-files","penetration-testing","scapy","security-auditing"],"created_at":"2024-12-14T17:33:54.176Z","updated_at":"2025-06-21T23:33:22.585Z","avatar_url":"https://github.com/sergio11.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# πŸ•·οΈ BlackVenom: The Ultimate Ethical ARP and DNS Spoofing Tool πŸ•ΈοΈ\n\n**BlackVenom** is a powerful ARP and DNS spoofing tool designed for ethical hackers and cybersecurity professionals. πŸ›‘οΈ This utility allows you to seamlessly intercept and log network traffic, providing valuable insights into network vulnerabilities while remaining undetected. πŸ•΅οΈβ€β™‚οΈβš‘\n\nBuilt with stealth and precision in mind, **BlackVenom** operates like a digital venomous strike: fast, effective, and silent. πŸ–€ Whether you're conducting penetration tests, monitoring network vulnerabilities, or analyzing traffic for security research, **BlackVenom** empowers you to take full control of ARP tables and spoof DNS requests for educational and professional purposes. πŸ–₯οΈπŸ’‰\n\nπŸ™ I would like to express my sincere gratitude to [Santiago HernΓ‘ndez, a leading expert in Cybersecurity and Artificial Intelligence](https://www.udemy.com/user/shramos/). His outstanding course on **Cybersecurity and Ethical Hacking**, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!\n\nJoin the BlackVenom web of digital defenders and harness the power of stealthy network manipulation for the greater good! πŸ•ΈοΈβœ¨\n\n### Disclaimer ⚠️\nBlackVenom is intended for ethical use only. Misuse of this tool against unauthorized systems is illegal and may result in severe penalties. Always obtain permission before testing network security. πŸ“œ\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"https://img.shields.io/badge/Kali_Linux-557C94?style=for-the-badge\u0026logo=kali-linux\u0026logoColor=white\" /\u003e\n \u003cimg src=\"https://img.shields.io/badge/Python-FFD43B?style=for-the-badge\u0026logo=python\u0026logoColor=blue\" /\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_1.PNG\" /\u003e\n\u003c/p\u003e\n\n## 🌟 **Explore My Other Open-Source Ethical Hacking Tools**\n\nIf you're interested in more powerful tools for ethical hacking, make sure to check out my other open-source projects designed to help cybersecurity professionals and penetration testers:\n\n- [πŸ¦… **NetHawk**](https://github.com/sergio11/nethawk_analyzer): A state-of-the-art **AI-powered ethical hacking tool** for **network vulnerability assessment**. Using advanced frameworks like **Scapy** and **Nmap**, NetHawk automates **port scanning**, **vulnerability detection**, and **report generation**, making security audits faster, smarter, and more efficient. Whether you're a **network administrator**, **cybersecurity expert**, or **ethical hacker**, NetHawk simplifies the assessment process and offers actionable insights to fortify your systems. \n\n- [πŸ’€ **Nemesys**](https://github.com/sergio11/nemesys): An advanced **exploitation** and **post-exploitation** tool built on top of the **Metasploit Framework** for automating critical data harvesting and system enumeration. \n- [🌐 **ZeroTrace**](https://github.com/sergio11/zero_trace_hacking_tool): A powerful **search engine dorking** tool designed to identify **attack vectors** and uncover **exposed sensitive information** across the web.\n- [πŸ” **DecryptX**](https://github.com/sergio11/decryptx): An **advanced hash and password security assessment tool** that helps **cybersecurity experts** and **penetration testers** analyze **password hashes** and **encrypted ZIP files** to assess the robustness of security implementations.\n\nThese tools are designed to streamline penetration testing, enhance security assessments, and provide in-depth insights into vulnerabilities. Explore them to level up your ethical hacking skills! πŸ’»πŸ”\n\n\n### Key Features:\n- **🌐 ARP Spoofing Mastery**: Perform bidirectional ARP spoofing to impersonate devices and intercept traffic between them. πŸ”„\n- **πŸ” DNS Spoofing Capabilities**: Redirect DNS requests to specified IP addresses, enabling control over domain resolutions. πŸ“‘\n- **πŸ“„ Traffic Logging**: Capture and log all intercepted network traffic in a configurable PCAP file for later analysis. πŸ“‚\n- **βš™οΈ Ethical \u0026 Stealthy**: Designed for ethical hacking, ensuring you stay invisible while uncovering security flaws. πŸ•ΆοΈ\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_2.PNG\" /\u003e\n\u003c/p\u003e\n\n### Use Cases:\n- **Network Penetration Testing**: Assess the security of networks by identifying weaknesses in ARP protocols and DNS resolutions. πŸ”πŸ›‘οΈ\n- **Security Auditing**: Log and analyze network traffic to discover potential vulnerabilities and improve network defenses. πŸ“ŠπŸ”’\n- **Educational Purposes**: Learn and teach network security concepts through practical, hands-on experience with ARP and DNS spoofing techniques. πŸŽ“πŸ“š\n- **Traffic Analysis**: Monitor and capture traffic for forensic investigations or to understand user behavior on a network. πŸ”πŸ“ˆ\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_3.PNG\" /\u003e\n\u003c/p\u003e\n\n### Understanding ARP Spoofing and DNS Spoofing πŸ”\n\n- **ARP Spoofing**: This technique involves sending false ARP (Address Resolution Protocol) messages over a local area network. By doing so, an attacker can associate their MAC address with the IP address of another device (e.g., the default gateway), allowing them to intercept and manipulate traffic intended for that device. This can lead to various attacks, including man-in-the-middle attacks and session hijacking. ⚠️\n\n- **DNS Spoofing**: This technique manipulates DNS (Domain Name System) responses to redirect traffic from legitimate websites to malicious ones. By altering the DNS records, an attacker can control what IP addresses users are directed to when they attempt to access specific domains. This can be used to carry out phishing attacks or serve malicious content. 🌐\n\n\u003cp align=\"center\"\u003e\n \u003cimg src=\"doc/screenshots/picture_4.PNG\" /\u003e\n\u003c/p\u003e\n\n### IP Forwarding and IPTABLES πŸ“‘\n\nFor **BlackVenom** to successfully intercept and forward traffic between the target and gateway, IP forwarding must be enabled on the system. This allows the machine running BlackVenom to act as a bridge, forwarding packets between the target and the network. \n\nTo enable IP forwarding, use the following command:\n\n```bash\necho 1 \u003e /proc/sys/net/ipv4/ip_forward\n\nAdditionally, you may need to configure IPTABLES to allow forwarding of packets. Here’s a basic command to set up the necessary rules:\n\niptables -A FORWARD -i eth0 -j ACCEPT\niptables -A FORWARD -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT\n```\n\nThese commands ensure that the traffic can flow through the machine while BlackVenom performs its operations. πŸ›‘οΈ\n\n### Key Techniques in BlackVenom Development πŸ› οΈ\n\n- **NetFilterQueue**: This library allows the interception of packets within the Linux kernel's Netfilter framework. It provides a powerful way to capture and manipulate network packets, making it an essential tool for implementing ARP and DNS spoofing techniques. πŸ₯…\n\n- **Scapy**: A powerful Python library used for packet manipulation, Scapy allows for the creation, sending, and receiving of network packets. It's crucial for constructing ARP and DNS packets needed for spoofing. πŸ“¦\n\n- **Threading**: To ensure that the tool operates efficiently without blocking the main execution thread, threading is utilized to manage concurrent packet processing for both ARP and DNS spoofing operations. 🧡\n\n- **Traffic Logging**: Using libraries like `pcap` and `tqdm`, BlackVenom captures and logs network traffic in real-time, providing a comprehensive analysis of intercepted packets for further examination. πŸ“Š\n\n\n### Dependencies πŸ“¦\n\n**BlackVenom** requires several Python packages to function effectively. Below are the key dependencies along with their respective versions:\n\n- **scapy==2.6.0** 🐍: A powerful Python library for network packet manipulation, allowing the creation, sending, and sniffing of network packets.\n- **tqdm==4.65.0** ⏳: A fast, extensible progress bar for Python, used to provide visual feedback during long-running tasks.\n- **rich==13.9.2** 🌈: A library for rich text and beautiful formatting in the terminal, enhancing the output of the tool with colors and styles.\n- **netifaces==0.11.0** 🌐: A cross-platform library to get network interface information, useful for identifying available interfaces for ARP spoofing.\n- **NetfilterQueue==1.1.0** πŸ”„: A Python binding to the netfilter queue library, allowing the manipulation of packets in user space for packet filtering and modification.\n\nEnsure that these dependencies are installed in your Python environment to use **BlackVenom** effectively. βœ…\n\n### Installation πŸ› οΈ\n\nTo install and run **BlackVenom**, follow these simple steps:\n\n#### 1. Create a Python Virtual Environment 🐍\nFirst, create a virtual environment to manage dependencies:\n\n```bash\npython -m venv BlackVenom-Kali\n```\n\n#### 2. Activate the Virtual Environment πŸ”‘\nActivate the virtual environment:\n\n```bash\nsource BlackVenom-Kali/bin/activate\n```\n\n#### 3. Install Dependencies πŸ“¦\nNow, install the necessary dependencies from the requirements.txt file:\n\n```bash\npip install -r requirements.txt\n```\n\n4. Run the Tool ⚑\nAfter installation, you can run BlackVenom using the provided CLI:\n\n```bash\npython black_venom_cli.py\n```\n\n### Usage Examples\n\n#### Example 1: Basic ARP Spoofing\nThis command performs a basic ARP spoofing attack between a target and a gateway without enabling packet logging or DNS spoofing. πŸ”—\n\n```bash\nsudo python black_venom_cli.py \\\n --target_ip 192.168.11.128 \\\n --gateway_ip 192.168.11.2 \\\n --interface eth0\n```\n\n#### Example 2: ARP Spoofing with Traffic Logging\nIn this example, packet logging is enabled while performing ARP spoofing. πŸ“\n\n```bash\nsudo python black_venom_cli.py \\\n --target_ip 192.168.11.128 \\\n --gateway_ip 192.168.11.2 \\\n --interface eth0 \\\n --enable_logging \\\n --log_file ~/Desktop/captured_packets.pcap\n\n```\n\n\n#### Example 3: ARP Spoofing and DNS Spoofing\nThis command enables both ARP spoofing and DNS spoofing, redirecting DNS requests for a specific domain. πŸŒπŸ”€\n\n```bash\nsudo python black_venom_cli.py \\\n --target_ip 192.168.11.128 \\\n --gateway_ip 192.168.11.2 \\\n --interface eth0 \\\n --enable_logging \\\n --log_file ~/Desktop/captured_packets.pcap\n```\n\n#### Example 4: Multiple DNS Records\nHere multiple DNS records are redirected to a specific IP. This command performs ARP and DNS spoofing while logging traffic. πŸ“„πŸ”„\n\n```bash\nsudo python black_venom_cli.py \\\n --target_ip 192.168.11.128 \\\n --gateway_ip 192.168.11.2 \\\n --interface eth0 \\\n --enable_logging \\\n --log_file ~/Desktop/captured_packets.pcap \\\n --spoof_dns \\\n --dns_records \"example.com=192.168.11.10\" \"anotherdomain.com=192.168.11.11\"\n```\n\n#### Example 5: No Logging but with DNS Spoofing\nThis example performs ARP spoofing and DNS spoofing without enabling traffic logging. πŸš«πŸ“\n\n```bash\nsudo python black_venom_cli.py \\\n --target_ip 192.168.11.128 \\\n --gateway_ip 192.168.11.2 \\\n --interface eth0 \\\n --spoof_dns \\\n --dns_records \"example.com=192.168.11.10\"\n```\n\n### Summary of Options\n- **`--target_ip`**: IP address of the target device. πŸ’»\n- **`--gateway_ip`**: IP address of the network gateway. πŸŒ‰\n- **`--interface`**: Network interface to use (default is `eth0`). 🌐\n- **`--enable_logging`**: Enable traffic logging to a PCAP file. πŸ“\n- **`--log_file`**: Path and name of the PCAP file for logging. πŸ“‚\n- **`--spoof_dns`**: Enable DNS spoofing. 🌐\n- **`--attacker_ip`**: IP to which DNS requests should be redirected. πŸš€\n- **`--dns_queue_num`**: Queue number for DNS spoofing (default is `2`). πŸ“Š\n- **`--dns_records`**: DNS records in the format `'domain=ip'` to redirect requests. πŸ“œ\n\n\n## Acknowledgements πŸ™\n\nπŸ™ I would like to express my sincere gratitude to [Santiago HernΓ‘ndez, a leading expert in Cybersecurity and Artificial Intelligence](https://www.udemy.com/user/shramos/). His outstanding course on **Cybersecurity and Ethical Hacking**, available on Udemy, was instrumental in the development of this project. The insights and techniques I gained from his course were invaluable in guiding my approach to cybersecurity practices. Thank you for sharing your knowledge and expertise!\n\n## 🀝 **Contributing**\nContributions to BlackVenom are highly encouraged! If you're interested in adding new features, resolving bugs, or enhancing the project's functionality, please feel free to submit pull requests.\n\n## Get in Touch πŸ“¬\n\nBlackVenom is developed and maintained by **Sergio SΓ‘nchez SΓ‘nchez** (Dream Software). Special thanks to the open-source community and the contributors who have made this project possible. If you have any questions, feedback, or suggestions, feel free to reach out at [dreamsoftware92@gmail.com](mailto:dreamsoftware92@gmail.com).\n\n## Visitors Count\n\n\u003cimg width=\"auto\" src=\"https://profile-counter.glitch.me/blackvenom/count.svg\" /\u003e\n \n ## Please Share \u0026 Star the repository to keep me motivated.\n \u003ca href = \"https://github.com/sergio11/blackvenom/stargazers\"\u003e\n \u003cimg src = \"https://img.shields.io/github/stars/sergio11/blackvenom\" /\u003e\n \u003c/a\u003e\n\n## License βš–οΈ\n\nThis project is licensed under the MIT License, an open-source software license that allows developers to freely use, copy, modify, and distribute the software. πŸ› οΈ This includes use in both personal and commercial projects, with the only requirement being that the original copyright notice is retained. πŸ“„\n\nPlease note the following limitations:\n\n- The software is provided \"as is\", without any warranties, express or implied. πŸš«πŸ›‘οΈ\n- If you distribute the software, whether in original or modified form, you must include the original copyright notice and license. πŸ“‘\n- The license allows for commercial use, but you cannot claim ownership over the software itself. 🏷️\n\nThe goal of this license is to maximize freedom for developers while maintaining recognition for the original creators.\n\n```\nMIT License\n\nCopyright (c) 2024 Dream software - Sergio SΓ‘nchez \n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the \"Software\"), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in all\ncopies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE\nSOFTWARE.\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsergio11%2Fblackvenom","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsergio11%2Fblackvenom","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsergio11%2Fblackvenom/lists"}