hacklan

command module
v0.0.0-...-fbfabe4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 4, 2026 License: MIT Imports: 11 Imported by: 0

README

HackLAN

A go utility to perform LAN attacks, currently it supports only arp spoofing but more attacks will be added in the future.

Features

  • Network Scanning: Fast ARP-based network discovery
  • ARP Spoofing: Execute ARP spoofing attacks against one or all devices on the network

Usage

Command-Line Tool
#install the package 
go install github.com/qa5imm/hacklan

# Run the interactive tool
hacklan

How It Works

Network Discovery

The tool performs comprehensive network reconnaissance:

  1. Interface Detection: Automatically identifies the active network interface by simulating a route to the internet (8.8.8.8)
  2. Gateway Discovery: Uses the system routing table to find the actual gateway for internet-bound traffic (via go-netroute)
  3. ARP Scanning:
    • Sends multiple rounds of ARP requests to all IPs in the subnet
    • Listens for ARP replies using packet capture
    • Performs 5 rounds with delays to discover devices that may be in power-saving mode
    • Maps IP addresses to MAC addresses
  4. Target Filtering: Automatically excludes your machine and the gateway from the attackable device list
ARP Poisoning

ARP (Address Resolution Protocol) poisoning exploits the lack of authentication in ARP:

  1. Normal Flow: Device asks "Who has IP X?" → Device with IP X responds with its MAC address
  2. Poisoned Flow: Attacker sends unsolicited ARP replies claiming to be the gateway
  3. Result: Victim's ARP cache is poisoned, believing the attacker's MAC is the gateway

This tool performs unidirectional poisoning:

  • Continuously tells the target: "Gateway is at attacker's MAC address"
  • Target sends all internet-bound traffic to the attacker's MAC
  • Without packet forwarding enabled, the attacker acts as a black hole
  • Target loses internet connectivity as packets never reach the real gateway

Attack Modes:

  • Single Target: Cuts off one specific device from the network
  • Mass Attack: Simultaneously poisons all discovered devices (excluding self and gateway)

Requirements

  • Go 1.19 or higher
  • Linux, macOS, or Windows with WinPcap/Npcap
Dependencies
  • github.com/google/gopacket - Packet crafting and parsing
  • github.com/google/gopacket/pcap - libpcap wrapper for packet capture

This tool is for educational and authorized testing purposes only. Unauthorized access to computer networks is illegal. Only use this tool on networks you own or have explicit written permission to test. The authors are not responsible for misuse or damage caused by this tool.

License

MIT License - see LICENSE file for details

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.