Open
Conversation
…urst mode - Migrate from L3 send() to L2 Ether()/ARP() pre-built frames - Use persistent conf.L2socket (open once, reuse for all sends) - Direct socket.send() bypass scapy overhead for burst injection - Add resilient error handling with auto socket recovery - Restore with retry logic (3 attempts) via temporary socket
…free - Derive gateway IPv6 link-local from MAC via EUI-64 - Send ICMPv6 RA (lifetime=0) every 4 ARP cycles to force IPv4 fallback - Send RA restore (lifetime=1800) on free for instant IPv6 recovery - Unicast to target MAC only: other devices unaffected - Closes the YouTube/QUIC IPv6 bypass vulnerability
…tus shows Limited/Blocked/Spoofed with rate info - IPv6 shows Killed when RA kill is active
…t --full kills IPv6 via RA spoof, forces IPv4 fallback - block 2 --full same for block - Without --full: normal IPv4-only limit/block (no RA kill) - free restores IPv6 only if --full was used - Updated help text with --full examples
…() with single srp() broadcast (10x faster) - Add OUI vendor lookup via netaddr (Samsung, Apple, Xiaomi, etc.) - Add Vendor column to hosts table - Scan time: ~30s ~3s for /24 network
… flag (not spoofed)
…(5 cycles/sec) - burst 3 10 per packet type - 6 packet types: unicast reply, gratuitous broadcast, ARP request - Total: 300 ARP packets/sec per host vs old 6 pkt/sec - Specifically targets gateway-side poisoning (was failing)
…cept 0,10 (exclude gateway + self) - block all --except 0,10 - free all --except 5 - Supports ID, MAC, and IP in except list
- scan.py: 5-phase deep scan (ICMP ping sweep + ARP table read + 3x ARP broadcast passes + unicast ARP probe + final ARP sweep) to detect all devices including phones in WiFi power-save mode - scan.py: add quick_scan() for fast single-pass mode (--quick flag) - scan.py: increase timeout 2s -> 5s for slow routers - scan.py: scan_for_reconnects() now also reads OS ARP table - host.py: fix __eq__/__hash__ to compare by MAC (stable across DHCP changes) - host.py: auto-lowercase MAC in constructor - limit.py: fix iptables block using wrong '-t filter' syntax (filter is default) - limit.py: fix matching cleanup in _delete_iptables_entries() - spoof.py: increase aggressiveness (interval 0.2s->0.1s, burst 10->15) - spoof.py: RA kill every 0.6s instead of 2s - utils.py: get_mac_by_ip() with 3 retries + L2 srp + /proc/net/arp fallback - utils.py: flush_network_settings() now also flushes raw table & user chains - main_menu.py: add 'rescan' command (merge new hosts, keep existing states) - main_menu.py: add '--quick' flag to scan command - main_menu.py: update help text with new commands
Scanning (scan.py): - Add passive ARP sniffing (background) to catch spontaneous traffic - Add mDNS multicast discovery for phones, smart TVs, Chromecasts - Add NetBIOS (NBNS) discovery for Windows PCs, printers, NAS - Add TCP SYN probe on common ports for IoT/cameras - Add DHCP lease file scan for sleeping devices - Increase ARP retry passes from 3 to 5 - Add IP range filter to prevent false positives - Reduce inter-packet delay for faster scanning Spoofing (spoof.py): - Add initial poison storm (50x burst) when target first added - Implement double-tap packet sending with 10ms micro-gap - Add ARP monitor thread for real-time gateway detection - Add emergency re-poison (30x burst) when gateway reclaims MAC - Add targeted re-poison when target queries gateway - Increase burst count to 20x, reduce interval to 0.08s Rate Limiting (limit.py): - Add SFQ leaf qdisc for precise bandwidth shaping - Calculate proper HTB burst size based on kernel HZ - Add MAC-based iptables rules (survives DHCP IP changes) - Add connmark save/restore for established connections - Add conntrack DROP rules for blocking Watch (watch.py): - Reduce scan interval from 45s to 25s for faster reconnect detection Menu (main_menu.py): - Update help text to reflect ultra-deep scan methods
Author
|
thanks |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.