macOS
brew install ettercaplocal Homebrew formula metadata
sudo port install ettercapMacPorts ports tree · net/ettercap/Portfile · ソース: api.github.com
brew
ettercap のインストール経路、実行ファイル、メタデータ、AI エージェント向けセキュリティノートを確認します。
インストール
brew install ettercaplocal Homebrew formula metadata
sudo port install ettercapMacPorts ports tree · net/ettercap/Portfile · ソース: api.github.com
sudo apk add ettercapAlpine Linux edge package indexes · ettercap · ソース: dl-cdn.alpinelinux.org
sudo dnf install ettercapFedora Rawhide package metadata · ettercap · ソース: dl.fedoraproject.org
nix profile install nixpkgs#ettercapnixpkgs package indexes · pkgs/by-name/et/ettercap/package.nix · ソース: api.github.com
sudo pacman -S ettercapArch Linux sync databases · ettercap · ソース: geo.mirror.pkgbuild.com
sudo apt install ettercap-commonDebian stable package indexes · ettercap-common · ソース: deb.debian.org
概要
Multipurpose sniffer/interceptor/logger for switched LAN
履歴
Ettercap is a long-running open-source network security suite for man-in-the-middle work on local networks. Its command-line package provides sniffing, interception, packet filtering, logging, protocol dissection, and host/network analysis tools for switched LAN environments.
Ettercap dates to the early 2000s; the current GitHub README identifies the project copyright as 2001-current by the Ettercap development team. Early package descriptions framed it as a multipurpose sniffer, interceptor, and logger for switched LANs, a niche that mattered when Ethernet switching made simple hub-style packet sniffing less effective.
The Ettercap-NG generation in the mid-2000s broadened the tool with a modernized interface, plugins, multiple simultaneous MITM attacks, and a more structured core. The official download history shows NG releases in 2004 and 2005, the Lazarus line in 2011 and 2012, the 0.8 series beginning in 2013, and later Garofalo releases continuing maintenance into 2026.
Ettercap became a standard security-lab and penetration-testing package because it combined active and passive protocol dissection with practical MITM mechanisms such as ARP poisoning, bridged sniffing, filtering, and connection logging. Its package metadata across Unix-like systems reflects that role: it is distributed in Homebrew, Debian and Ubuntu, Fedora, Arch, Alpine, MacPorts, Nix, and other security-oriented environments.
The project has remained recognizable because it occupies the space between packet analyzers and attack simulators. Users can capture and analyze traffic like a sniffer, but can also alter or redirect traffic in ways useful for authorized testing of LAN trust assumptions.
The main `ettercap` program is used in text, curses, or graphical modes to discover hosts, select targets, run MITM modules, sniff traffic, and apply filters. Companion commands such as `etterfilter` and `etterlog` support compiling packet filters and inspecting saved logs.
The manual documents practical workflows such as ARP poisoning, bridge-mode interception with two interfaces, pcap-filtered capture, offline analysis from pcap files, and writing captured packets for later inspection with tools such as tcpdump or Wireshark.
Ettercap is package-nerd significant because it is a classic security tool whose build and runtime surface spans libpcap, libnet, OpenSSL, plugin support, terminal UI, optional GTK UI, GeoIP/MaxMind data, and privileged network access. Packaging it correctly means preserving both the text-mode toolchain and the surrounding data/config layout.
It also shows why security packages age differently from ordinary CLIs: release history is full of protocol-support updates, build fixes, memory-safety fixes, and CVE-related maintenance, while the core LAN-testing workflow remains recognizable decades after the first releases.
セキュリティ状態
escape, surveillance, or offensive capability signal.
リスク red · 信頼度 中 · escape-surveillance-offensive
エージェントに無人実行させる前に、このツールが平文の認証情報を読むか、リモート状態を書き込むか、成果物を公開するか、プラグインを起動するかを確認してください。
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
/etc/etter.conf実行可能ファイル
| コマンド | 種類 | 公開範囲 | メモ |
|---|---|---|---|
ettercap | cli | グローバル実行可能ファイル | |
ettercap-pkexec | cli | グローバル実行可能ファイル | |
etterfilter | cli | グローバル実行可能ファイル | |
etterlog | cli | グローバル実行可能ファイル |
鮮度
これらの信号は、ページ生成時期、パッケージマネージャの活動、上流リリース比較を分けて示します。バージョン遅れは、証拠 URL と比較可能なバージョンがある場合だけ警告されます。
https://github.com/Ettercap/ettercap
インストールメタデータ
| パッケージキー | brew:ettercap |
|---|---|
| バージョン | 0.8.4.1 |
| パッケージマネージャ | Homebrew |
| パッケージマネージャページ | https://formulae.brew.sh/formula/ettercap |
| ホームページ | https://ettercap.github.io/ettercap/ |
| リポジトリ | https://github.com/Ettercap/ettercap |
| 上流ドキュメント | https://ettercap.github.io/ettercap |
| ライセンス | GPL-2.0-or-later |
| ソースアーカイブ | https://github.com/Ettercap/ettercap/archive/refs/tags/v0.8.4.1.tar.gz |
| 最終更新 | 2026-06-25T13:37:40+02:00 |
| Pulse | updated |
| 依存関係 | at-spi2-core, cairo, freetype, gdk-pixbuf, glib, gtk+3, libmaxminddb, libnet, ncurses, openssl@3, pango, pcre2 |
| ビルド依存関係 | cmake |
| macOS 提供ライブラリ | curl, libpcap |
| Bottle | 利用可能 (対象 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | 未定義 |
| サービス | 宣言なし |
レジストリ情報
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | ettercap |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
ソースデータベース一致
一致は外部パッケージマネージャインデックスから取得され、ローカルの Automic Vault パッケージリンクとは分けて表示されます。
ettercap-common 1:0.8.3.1-14
Multipurpose sniffer/interceptor/logger for switched LAN
https://ettercap.github.io/ettercap/
sudo apt install ettercap-commonettercap-graphical 1:0.8.3.1-14
Ettercap GUI-enabled executable
https://ettercap.github.io/ettercap/
sudo apt install ettercap-graphicalettercap-text-only 1:0.8.3.1-14
Ettercap console-mode executable
https://ettercap.github.io/ettercap/
sudo apt install ettercap-text-onlyettercap
nix profile install nixpkgs#ettercapettercap-common 1:0.8.3.1-13build3
Multipurpose sniffer/interceptor/logger for switched LAN
https://ettercap.github.io/ettercap/
sudo apt install ettercap-commonettercap-graphical 1:0.8.3.1-13build3
Ettercap GUI-enabled executable
https://ettercap.github.io/ettercap/
sudo apt install ettercap-graphicalettercap-text-only 1:0.8.3.1-13build3
Ettercap console-mode executable
https://ettercap.github.io/ettercap/
sudo apt install ettercap-text-onlyettercap 0.8.4.1-r0
Multipurpose sniffer/interceptor/logger for switched LAN
https://www.ettercap-project.org/
sudo apk add ettercapettercap-doc 0.8.4.1-r0
Multipurpose sniffer/interceptor/logger for switched LAN (documentation)
https://www.ettercap-project.org/
sudo apk add ettercap-doclibettercap 0.8.4.1-r0
Multipurpose sniffer/interceptor/logger for switched LAN (libraries)
https://www.ettercap-project.org/
sudo apk add libettercapettercap 0.8.4.1-1.fc45
Network traffic sniffer/analyser, NCURSES interface version
http://ettercap.sourceforge.net
sudo dnf install ettercapettercap 0.8.4.1-1
Network sniffer/interceptor/logger for ethernet LANs - console
https://www.ettercap-project.org/
sudo pacman -S ettercapettercap-gtk 0.8.4.1-1
Network sniffer/interceptor/logger for ethernet LANs - GTK frontend
https://www.ettercap-project.org/
sudo pacman -S ettercap-gtkettercap
sudo port install ettercapソース経路
このページは scripts/generate-pkg-sqlite.py が生成した非公開のパッケージ SQLite アーティファクトから av-web によって提供されます。
View the package source record on GitHub.