performing-arp-spoofing-attack-simulation

Featured

Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy to demonstrate man-in-the-middle risks, test network detection capabilities, and validate ARP inspection countermeasures.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing ARP Spoofing Attack Simulation ## When to Use - Testing whether network switches and infrastructure properly implement Dynamic ARP Inspection (DAI) - Demonstrating man-in-the-middle attack risks to stakeholders during authorized security assessments - Validating that network monitoring tools (IDS/IPS, SIEM) detect ARP cache poisoning attempts - Assessing the effectiveness of port security, 802.1X, and VLAN segmentation controls - Training SOC analysts to recognize ARP spoofing indicators in network traffic **Do not use** on production networks without explicit written authorization and a rollback plan, against networks carrying critical or life-safety traffic, or as a denial-of-service attack vector. ## Prerequisites - Written authorization specifying in-scope network segments for ARP spoofing simulation - Kali Linux or similar penetration testing distribution with arpspoof, Ettercap, and Scapy installed - Direct Layer 2 access to the target network segment (same VLAN as target hosts) - IP forwarding knowledge and ability to enable/disable packet forwarding on the attacker machine - Wireshark or tcpdump for capturing traffic to verify interception - Isolated lab environment or approved production test window > **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws. ## Workflow ### Step 1...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

detecting-arp-poisoning-in-network-traffic

Detect and prevent ARP spoofing attacks using ARPWatch, Dynamic ARP Inspection, Wireshark analysis, and custom monitoring scripts to protect against man-in-the-middle interception.

12,642 Updated today
mukul975
AI & Automation Featured

conducting-man-in-the-middle-attack-simulation

Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept, analyze, and modify network traffic for testing encryption enforcement, certificate validation, and detection capabilities.

12,642 Updated today
mukul975
AI & Automation Featured

performing-vlan-hopping-attack

Simulates VLAN hopping attacks using switch spoofing and double tagging techniques in authorized environments to test VLAN segmentation effectiveness and validate switch port security configurations against Layer 2 bypass attacks.

12,642 Updated today
mukul975
AI & Automation Featured

performing-packet-injection-attack

Crafts and injects custom network packets using Scapy, hping3, and Nemesis during authorized security assessments to test firewall rules, IDS detection, protocol handling, and network stack resilience against malformed and spoofed traffic.

12,642 Updated today
mukul975
AI & Automation Featured

performing-bandwidth-throttling-attack-simulation

Simulates bandwidth throttling and network degradation attacks using tc, iperf3, and Scapy in authorized environments to test quality-of-service controls, application resilience, and network monitoring detection of traffic manipulation attacks.

12,642 Updated today
mukul975