sslsniff v0.7 – SSL MITM Tool: An Overview of Features, Installation, and Usage

sslsniff is designed to create man-in-the-middle (MITM) attacks forSSL/TLS connections, and dynamically generates certs for the domainsthat are being accessed on the fly. The new certificates are constructed in a certificate chain that is signed by any certificate that is provided.sslsniff also supports other attacks like null-prefix or OCSP attacksto achieve silent interceptions of connections when possible.

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLSencrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected toSSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all datatransmitted. SSLsplit is intended to be useful for network forensicsand penetration testing.

sslsniff v0.7 – SSL Man-In-The-Middle (MITM) Tool

The first Demonstration of HTTPS stripping and MITM attacks was presented by Moxie Marlinspike at Black Hat DC 2009. Using his tool sslstrip, sslsniff and It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. 2ff7e9595c