Pentesters, Redteamers and even real attackers love to use tools like Responder to spoof LLMNR and/or NBT-NS responses. There are some awesome other tools to help with detection, such as respounder . But I wanted to figure it out for my self, and at the same time add a way to push "honey" tokens (fake AD credentials) to people using these spoofing tools.
How to install
git clone https://github.com/joda32/got-responded.git cd got-responded python3 -m venv responded-env source responded-env/bin/activate pip install -r requirements.txt
How to use it
This will start it in default mode, will check for both LLMNR and NBT-NS spoofing, but will not send fake SMB creds