Got-Responded is a simple tool to detect NBT-NS and LLMNR spoofing and messing with them a bit. Pentesters, Redteamers and even real attackers love to use tools like Responder to spoof LLMNR and/or NBT-NS responses.
There are some awesome other tools to help with detection, such as respounder. But I wanted to figure it out for myself, and at the same time add a way to push “honey” tokens (fake AD credentials) to people using these spoofing tools.
Also Read – FIR : Fast Incident Response
How to install
git clone https://github.com/joda32/got-responded.git
cd got-responded
python3 -m venv responded-env
source responded-env/bin/activate
pip install -r requirements.txt
How to use it
Simple mode
This will start it in default mode, will check for both LLMNR and NBT-NS spoofing, but will not send fake SMB creds
python got-responded.py
Pystinger is a Python-based tool that enables SOCKS4 proxying and port mapping through webshells. It…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
Introduction When it comes to cybersecurity, speed and privacy are critical. Public vulnerability databases like…
If you are working with Linux or writing bash scripts, one of the most common…
What is a bash case statement? A bash case statement is a way to control…
Why Do We Check Files in Bash? When writing a Bash script, you often work…