-
mitmdump is a proxy which can store and modify content.
Change content of a third-party site
Scenario: You want to manipulate some content from a website $target visits.
Perform ARP poisoning with Bettercap, Ettercap, the http_hijack.py script or some other way.
Start mitmdump in transparent mode:
    mitmdump --mode transparent --replace /~s/wars/trek/
or alternatively to read the new content from a…
-
Bypass
HSTS is based on hostnames. If a target has already visited www.supersite.example, you can try to redirect the target to a similar domain which the browser has never visited before and which thus doesn't have HSTS activated. Rewrite the Host HTTP header for the server you want to impersonate and add another character, e.g. wwww.supersite.example. You prepared…
-
SSLstrip works as a proxy which replaces HTTPS references in HTTP, HTML, JS, … responses with HTTP versions.
Installation: SSLstrip is old. Create a venv and install an older version of Twisted:
    venv/bin/pip install Twisted==18.9.0
Remove HTTPS references via MitM
Scenario: You want $target to route all HTTP traffic through your own system. Your system should remove each…
-
Network packet manipulation shell and library for Python. (GitHub)
-
An Ettercap successor, written in Go.
Basic commands:
Passive ARP probing:
    net.recon on
    net.recon off
Active probing:
    net.probe on
    net.probe off
Sniffing:
    set net.sniff.output /tmp/sniff.pcap // optional
    net.sniff on
    net.sniff off
Spoofing:
    set arp.spoof.targets $target1, $target2, $target3
    arp.spoof on
    arp.spoof off
DNS Spoofing:
    set dns.spoof.domains target.domain // the domain which should be resolved as…
    set…