Which DNS poisoning tool assists in spoofing the DNS query packet of a certain IP address or a group of hosts in the network?

This question tests knowledge of DNS spoofing tools. A tool that helps forge and deliver DNS responses to mislead clients into resolving a domain to a chosen address is the one designed specifically for DNS poisoning, namely DerpNSpoof. It automates the creation of spoofed DNS reply packets addressed to a target IP or a group of hosts, making it possible to redirect network traffic to attacker-controlled destinations. The other options aren’t built for attacking DNS in that way: following a TCP stream in Wireshark is a traffic-analysis feature used to reconstruct conversations, not to spoof or poison DNS; a general packet analyzer like SteelCentral Packet Analyzer captures and analyzes packets but doesn’t perform DNS spoofing; and DNS cache poisoning describes the attack technique itself rather than a tool that carries it out.