Introduction¶
Responder has been around for years, constantly evolving. Although it implements most common protocols found in Windows environments, it’s not particularly easy to extend or customize. Dementor aims to solve these limitations by avoiding hardcoded packets and offering extensive configuration capabilities, all of which are detailed in the Configuration section.
Benefits at a glance:
No reliance on hardcoded or precomputed packets (e.g., mDNS name parsing often fails in Responder due to static definitions)
Fine-grained, per-protocol configuration using a modular system (see Configuration)
Near-complete protocol parity with Responder (see Compatibility)
Easy integration of new protocols via the extension system (see Custom Protocols ⚙️)
Installation¶
The Dementor package can be installed either via pip from PyPI
or directly from the GitHub repository.
pip install dementor
pip install git+https://github.com/MatrixEditor/dementor
CLI Usage¶
After installation, you can start Dementor directly from the command line. By default, all poisoners and protocol servers are enabled. To perform any poisoning attacks, a network interface must be explicitly specified.
For a complete list of CLI options, refer to the CLI section.
Dementor -I "$INTERFACE_NAME"
Next Steps¶
Examples of attacks that can be performed using this tool.
Detailed breakdown of configuration options for each server and protocol.
Comparison between supported features in Responder and Dementor.