Projects

ettercap

Ettercap is a network sniffer/interceptor/logger for ethernet LANs. It supports active and passive dissection of many protocols (even ciphered ones, like SSH and HTTPS). Data injection in an established connection and filtering on the fly is also possible, keeping the connection synchronized. Many ... [More] sniffing modes were implemented to give you a powerful and complete sniffing suite. Plugins are supported. It has the ability to check whether you are in a switched LAN or not, and to use OS fingerprints (active or passive) to let you know the geometry of the LAN. [Less]

SSLsplit

Transparent and scalable SSL/TLS interception

pubkey-mitm

man-in-the-middle attack against pgp public key servers

arpwall

giving end user early warning for an arp attack

middler

The Middler is a Man in the Middle tool to demonstrate protocol middling attacks. Led by Jay Beale, the project involves a team of authors including InGuardians agents Justin Searle and Matt Carpenter. The Middler is intended to man in the middle, or "middle" for short, every protocol ... [More] for which we can create code. In our first alpha release, we released a core built by Matt and Jay, with introductory plug-ins by Justin and InGuardians agent Tom Liston. It runs on Linux and Mac OS X, with most of the code functional on Windows. The current codebase is in the beta state, with a full release coming soon, with better documentation (see the wiki), easier installation, and even more plug-ins, at least if Justin has his way! Plug-InsJustin and Tom's first plug-ins were very cool: plugin-beef.py - inject the Browser Exploitation Framework (BeEF) into any HTTP requests originating on the local LAN plugin-metasploit.py - inject an IFRAME into cleartext (HTTP) requests that loads Metasploit browser exploits plugin-keylogger.py - inject a JavaScript onKeyPress event handler to cleartext forms that get submitted via HTTPS, forcing the browser to send the password character-by-character to the attacker's server, before the form is submitted. Justin has refinements to these on the way, as well as a batch of so-far unreleased modules. The author team has done a tremendous amount of research, design and pseudo-code work, fleshing out attacks on web-based e-mail systems and social networking sites. We'll be standing up an external Wiki soon to share more of these ideas, but you can get early details from our slides from Jay and Justin's talks at Def Con and ShmooCon. Dependencies:The Middler depends on the following Python modules: scapy libpcap readline libdnet Please see the wiki for platform-specific installation instructions. People:Justin Searle - Co-Author Matt Carpenter - Emeritus Co-Author Tom Liston - Emeritus Co-author Brandon Edwards - Co-Author, focus on Installation and Update MitM Jay Beale - Co-Author and Project Lead The project will soon be joined by Brandon Edwards, who brings his research on Installation and Update security. Special Pre-Announcement:Co-author Justin Searle will be teaching a Middling for Penetration Testers class. You'll learn how to both use and add on to the Middler and other MitM tools. It promises to be very, very useful. [Less]

Hyenae

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant.

ippon-mitm

Software updates apply patches or introduce new features to an application. In most cases, the update procedure is conducted in an insecure manner, exposing the updater to execution of malicious code or to manipulation of application data such as anti-virus signatures. This tool uses several ... [More] techniques of update-exploitation attacks which leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session. [Less]

ubitack

This tool automates some of the tasks you might need on a (wireless) penetration test or while you are on the go. It aims to be a multi purpose tool for: Connect to different access points with different credentials with easy to use config files Run a evil / rogue access point (Karma ... [More] , Karmetasploit) Sniff credentials (dsniff suite, sslstrip) Hamster credentials (Wifizoo, Ferret, Hamster) Test WEP encryption (Wepbuster) Set up secure connections in hostile environments (SSH tunnel, OpenVPN, DNS Tunnel) Install and Update required software Written for the security disto Backtrack (Version 4 pre final) but might work on others systems, too. [Less]

pdfinjector

Script to inject javascript code into existing pdf files Check out my website at http://milo2012.wordpress.com

GroinK

GroinK is an advanced sniffer that supports protocol deconding and MiTM attacks. Unlike other sniffers, Groink uses lua as scripting language that allows you to extend it easily.