NA & WM modules use Lua scripts & tshark and we worked with Wireshark core dev team during SharkFest 2015 to integrate the whole stuff, while respecting their open source license.īut wait. We love Wireshark too! So much that we included it in Debookee. Packets will be intercepted from ethernet or airport interface and then sent to the gateway/internet through the VPN interface.īut the response packets will be received on the VPN interface (tun, ppp) on which Debookee is not listening too, and thus ignored and dropped.Īs a result, intercepted devices will stop working properly. Can I use a VPN connection on the Mac running Debookee?Ĭurrently, Debookee can’t handle different interfaces which is the case when a VPN connection is established. You’ll need a license to display all results. The only difference is that some results will be obfuscated at some point in the demo version. The code is exactly the same: all functionalities are included in the free trial and you can try all of them: interception of traffic, Wi-Fi monitoring, VoIP plugin, SSL decryption, etc. What are the limitations of the free trial?
Keep checked “Propose beta version updates”!.Go in menu Help -> Uninstall Packet Capture Tool.So please help us by reporting problems before using the stable version. Beta version is buggy, how do I revert to last stable version?įirst, please explain us clearly what is going wrong with an email at with some details and screenshots.Ī beta version is supposed to go in a stable state, and we need to fix bugs. This elevation of privileges is made following Apple’s standard API: at no point will we have knowledge of your password. Unfortunately not: the library used to capture packets needs admin privileges, which are forbidden by Mac App Store guidelines. We recommend to always try the free trial of Debookee NA module to check if your network allows network traffic interception or not. We suggest to set up a mobile hotspot or connect to another network in that case. In that case, you won’t see any traffic under your target menu. On professional wireless networks (Aruba, Cisco, HP…), this interception will likely fail due to Proxy ARP or security features that detect the MITM. We’ve seen some situations where the traffic was only half intercepted, in that case you’ll have only some traffic like only DNS answers, but no requests from your targets. On wired networks, this will almost always work. Network Analysis (NA) module allows you to select targets and intercept their traffic through a Man-in-the-middle attack (ARP spoofing). Debookee Does network traffic interception always work in NA module?