MitM attacks


Tried and tested tools. Well most of them.


  1. Cain and Abel
    1. Pretty stable
    2. Runs on Windows :(
    3. HTTPS interception, DNS spoofing
  2. Ettercap
    1. DNS spoofing
    2. I haven’t had much success running this
  3. MitMF
    1. Seems pretty stable
    2. Because it’s a framework, extensible
    3. Easy to setup on Kali
  4. scapy
    1. Swiss army knife python module for all manner low level network packet generation.
    2. Works. Steep learning curve but once you get your basic functionality working, you will reuse that code in other projects
  5. Interceptor
    1. Written in java
    2. Haven’t tried this but looks
    3. Suppose to support mitm ssh
  6. mitmproxy
    1. Written in python and reusable module
  7. Wifi Pineapple
    1. Targeted more towards the wifi pentester
    2. This is a versatile wifi usb adapter
  8. TP-Link 5-Port Gigabit Ethernet Web Managed Easy Smart Switch (TL-SG105E v2.0)
    1. Cheap ($25) network switch with port mirroring


Installation was straight forward, just follow instructions in faq.

Example run, arp spoofing, dns spoofing

$ cd ./.virtualenvs/MITMf/bin/
$ sudo -s
# source activate
(MITMf) root@kali:/home/user/.virtualenvs/MITMf/bin# cd /home/user/MITMf/
# python -i eth0 --gateway --arp --spoof --target -k --hsts --dns

References Collection of mitm scripts, including one for ssh.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s