Category: MITM

DHCPEthernetEttercapLibPCAPMacMan-in-the-MiddleMITMNEW TOOLSScanSniffingSSHSSLstrip

Ettercap – A Comprehensive Suite For Man In The Middle Attacks

Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.ETTERCAP OFFERS THREE INTERFACES, TRADITIONAL COMMAND LINE, GUI AND NCURSES.Supported DistributionsThese distributions have been tested in both 32 and 64 bit flavors where possibleDebian/Ubuntu (Includes derivatives such as Kali, BackTrack, Mint, etc)FedoraGentooPentooMac OSX (Snow Leopard & Lion)FreeBSDOpenBSDNetBSDUnsupported DistributionsInstallation may work…

DATAdatasploitJSONKaliMan-in-the-MiddleMITMNEW TOOLS

Datasploit – An OSINT Framework To Perform Various Recon Techniques On Companies, People, Phone Number, Bitcoin Addresses, Etc., Aggregate All The Raw Data, And Give Data In Multiple Formats

Overview of the tool:Performs OSINT on a domain/email/username/phone and find out information from different sources.Correlate and collaborate the results, show them in a consolidated manner.Tries to find out credentials, api-keys, tokens, subdomains, domain history, legacy portals, etc. related to the target.Use specific script / launch automated OSINT for consolidated data.Performs Active Scans on collected data.Generates HTML, JSON reports along with text files.Basic Usage: ____/ /____ _ / /_ ____ _ _____ ____ / /____ (_)/ /_ / __ // __ `// __// __ `//…

BackdooringFile SharingInterceptMITMNEW TOOLSPoisoningSMBetray

SMBetray – SMB MiTM Tool With A Focus On Attacking Clients Through File Content Swapping, Lnk Swapping, As Well As Compromising Any Data Passed Over The Wire In Cleartext

Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to intercept and modify insecure SMB connections, as well as compromise some secured SMB connections if credentials are known.BackgroundReleased at Defcon26 at "SMBetray - Backdooring and Breaking Signatures"In SMB connections, the security mechanisms protecting the integrity of the data passed between the server and the client are SMB signing and encryption. The signatures in on SMB packets when SMB signing is used are based on keys derived from information sent…

AircrackAircrack-ngBlackArchCaptive PortalEvil TwinFakeapFluxionKaliKali LinuxLINSETMITMNEW TOOLSrogueSocial EngineeringWPA

Fluxion – WPA/WPA2 Security Hacked Without Brute Force

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.If you need quick help, fluxion is also avaible…

connected carFeaturedGoogle AndroidInternet of ThingsMITMMobile SecuritySecurity Feeds

A study of car sharing apps

The growing popularity of car sharing services has led some experts to predict an end to private car ownership in big cities. The statistics appear to back up this claim: for example, in 2017 Moscow saw the car sharing fleet, the number of active users and the number of trips they made almost double. This is great news, but information security specialists have started raising some pertinent questions: how are the users of these services protected and what potential risks do they face in…