At its core, SelfishNet is a free ARP (Address Resolution Protocol) spoofing tool. Unlike complex enterprise solutions like QoS (Quality of Service) routers, SelfishNet operates directly from a single PC on the network. Its primary goal is deceptively simple: to cut off the internet connection of any selected device on your local Wi-Fi or Ethernet network, thereby making the connection "selfish" for the host machine. It achieves this by sending forged ARP packets to the target device and the router, convincing the router that the target device's IP address corresponds to the MAC address of the host PC. This effectively creates a man-in-the-middle (MITM) state, but instead of intercepting data, SelfishNet simply drops the packets, killing the target’s access.
SelfishNet relies on the WinPcap library (or Npcap) to inject raw packets into the network card. On Windows 10, especially after the 1803 update, Microsoft enforces driver signature verification. The legacy WinPcap drivers are unsigned by modern standards. selfishnet windows 10
SelfishNet on Windows 10 is a testament to "abandonware" resilience. While it can function, the process is a hacky journey through disabling secure boot, wrestling with driver signatures, and fighting Windows Defender. For the home user trying to stop their roommate’s Netflix binging or a child’s late-night gaming, it works—when it works. However, the modern security posture of Windows 10 is inherently hostile to SelfishNet’s core methodology. Ultimately, while the tool is an excellent educational example of how fragile ARP is, users are strongly advised to invest in a router with proper bandwidth management rather than relying on this aging, dangerous, yet oddly effective piece of software. At its core, SelfishNet is a free ARP