Skip to content

Bettercap Man in The Middle Attack [Bettercap Part #1]

Bettercap is a tool used to perform network attack like the man in the middle attack, arp spoofing attack, Https bypass and other, its easy to use bettercap you just need a Linux machine with bettercap installed on it lets look how to install bettercap and use it.


Before you install make sure you are connected to the network for man in the middle attack and you know your interface weather its eth0 or wlan0. If you are using Kali Linux as your main O/S and connected to wifi your interface will be wlan0 if your Kali is connected through ethernet cable your interface will be eth0.
If your Kali Linux is installed as a virtual machine like VMWare or Virtual Box then your interface will be eth0 because you can’t connect to a wireless network in a virtual network, but if you are using an external wifi adapter for your virtual kali machine then your interface will be wlan0.

For this tutorial, I am using external wifi adapter so my interface will be wlan0 change your command according to your interface wlan0/eth0.

To install the Bettercap in your kali Linux use the following command.

apt-get update
apt-get install bettercap


First, try to understand all the command available and how to use them and what they do before trying any attack.

bettercap –help

This will display all the options available for you using the help option.

bettercap -iface wlan0/eth0

Now set your interface with the help you want to perform the attack. if you are using wlan0 or eth0. only use one eth0 or wlan0. and you will be redirected to bettercap command line.


Now, this is the main thing where you are going to do everything with help command it will display all the modules available to perform the attacks, you can see all the modules with running or not.

help any.proxy

This command will show you the help of the selected module and its parameter. like help wifi will show you the options for wifi modules and its parameter, like that you can check all the modules help.
To run or start a module type the module and on like – any.proxy on, wifi on  etc.

set any.proxy.dst_address

Set option allow you to change the parameter of any modules, for example, any.proxy is a module and it has some parameters like any.proxy.dst and others to change the value of parameter use set command like.—– set any.proxy.src_port 8080 this will be the same for every parameter for every module


ARP Spoofing

bettercap -iface eth0/wlan0
if you type the command above you will be inside the bettercap command line and you will see all the modules and arp.spoof will be there with the help of this module you can pefrom the arp spoofing attack to do that see the help for this module with

help arp.spoof

You can see the help option and arp.spoof parameters which you can set. use the following command to setup the arpspoof attack.

Arp.spoof on                                        –    turn on arp spoof attack

set arp.spoof.targets 192.168.x.X       –    set target on which you want to perform this attack enter the target IP address if you don’t set target it will perform the attack on every machine on the network.

net.probe on                                         –     net.probe is another module which scans the available device in the network so you can attack them. its important to turn it on because without net.probe arp attack will start but no target will be found to attack.

net.sniff on                                            – when arp attack is on every packet will flow through attacker machine but to capture them net.sniif should be on.

READ: What is ARP and ARP Spoofing

Now you will be able to capture the packet and can see in the terminal (HTTP only)

You can join our telegram channel for the latest update. You can follow us on Twitter and Instagram.
Share it If you like it


Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.