first pass at refactoring:

directory structure has been simplified by grouping all the poisoners and servers in one folder
impacket smb server has been replaced with responder's
flask http server has beem replaced with responder's
modified config file to support new changes

config/mitmf.conf

@@ -20,53 +20,6 @@
 		host = 127.0.0.1
 		port = 9999
 
-	[[HTTP]]
-		
-		#
-		# Here you can configure MITMf's internal HTTP server
-		# Note: changing the port number might break certain plugins
-
-		port = 80
-
-	[[SMB]]
-
-		#
-		# Here you can configure MITMf's internal SMB server
-		#
-
-		port = 445
-		mode = normal  # Can be set to Normal or Karma
-
-		# Set a custom challenge
-		Challenge = 1122334455667788
-
-		[[[Shares]]]   # Only parsed if type = Normal
-
-			#
-			# You can define shares here
-			#
-
-			# [[[[Share1]]]]     #Share name          
-			#	readonly = yes   #Be very careful if you set this to no!
-			#	path = /tmp      #Share path
-
-			# [[[[Share2]]]]
-			#    readonly = yes
-			#    path = /tmp
-
-		[[[Karma]]] # Only parsed if type = Karma
-
-			#
-			# Here you can configure the Karma-SMB server
-			#
-
-			defaultfile = '' #Path to the file to serve if the requested extension is not specified below (don't comment out)
-
-			# exe = /tmp/evil.exe
-			# dll = /tmp/evil.dll
-			# ini = /tmp/desktop.ini
-			# bat = /tmp/evil.bat
-
 	[[DNS]]
 
 		#
@@ -154,32 +107,63 @@
 
 [Responder]
 
-	#Set these values to On or Off, so you can control which rogue authentication server is turned on.
-	MSSQL = On
+	#Servers to start
+	SQL   = On
+	HTTPS = On
 	Kerberos = On
-	FTP   = On
-	POP   = On
-	SMTP  = On #Listens on 25/TCP, 587/TCP
-	IMAP  = On 
-	LDAP  = On
+	FTP  = On
+	POP  = On
+	SMTP = On
+	IMAP = On
+	LDAP = On
 
-	#Set this option with your in-scope targets (default = All)
-	#Ex. RespondTo = 10.20.1.116,10.20.1.117,10.20.1.118,10.20.1.119
+	#Custom challenge
+	Challenge = 1122334455667788
+
+	#Specific IP Addresses to respond to (default = All)
+	#Example: RespondTo = 10.20.1.100-150, 10.20.3.10
 	RespondTo =
 
-	#Set this option with specific NBT-NS/LLMNR names to answer to (default = All)
-	#Ex. RespondTo = WPAD,DEV,PROD,SQLINT
+	#Specific NBT-NS/LLMNR names to respond to (default = All)
+	#Example: RespondTo = WPAD, DEV, PROD, SQLINT
 	RespondToName = 
 
-	#DontRespondTo = 10.20.1.116,10.20.1.117,10.20.1.118,10.20.1.119
+	#Specific IP Addresses not to respond to (default = None)
+	#Example: DontRespondTo = 10.20.1.100-150, 10.20.3.10
 	DontRespondTo = 
 
-	#Set this option with specific NBT-NS/LLMNR names not to respond to (default = None)
-	#Ex. DontRespondTo = NAC, IPS, IDS
+	#Specific NBT-NS/LLMNR names not to respond to (default = None)
+	#Example: DontRespondTo = NAC, IPS, IDS
 	DontRespondToName =
 
-	#Set your custom PAC script
-	WPADScript = 'function FindProxyForURL(url, host){if ((host == "localhost") || shExpMatch(host, "localhost.*") ||(host == "127.0.0.1") || isPlainHostName(host)) return "DIRECT"; if (dnsDomainIs(host, "RespProxySrv")||shExpMatch(host, "(*.RespProxySrv|RespProxySrv)")) return "DIRECT"; return "PROXY ISAProxySrv:3141; DIRECT";}'
+	[[HTTP Server]]
+
+		#Set to On to always serve the custom EXE
+		Serve-Always = Off
+
+		#Set to On to replace any requested .exe with the custom EXE
+		Serve-Exe = On
+
+		#Set to On to serve the custom HTML if the URL does not contain .exe
+		Serve-Html = Off
+
+		#Custom HTML to serve
+		HtmlFilename = config/responder/AccessDenied.html
+
+		#Custom EXE File to serve
+		ExeFilename = config/responder/BindShell.exe
+
+		#Name of the downloaded .exe that the client will see
+		ExeDownloadName = ProxyClient.exe
+
+		#Custom WPAD Script
+		WPADScript = 'function FindProxyForURL(url, host){if ((host == "localhost") || shExpMatch(host, "localhost.*") ||(host == "127.0.0.1") || isPlainHostName(host)) return "DIRECT"; if (dnsDomainIs(host, "RespProxySrv")||shExpMatch(host, "(*.RespProxySrv|RespProxySrv)")) return "DIRECT"; return 'PROXY ISAProxySrv:3141; DIRECT';}'
+
+	[[HTTPS Server]]
+
+		#Configure SSL Certificates to use
+		SSLCert = config/responder/responder.crt
+		SSLKey = config/responder/responder.key
 
 [AppCachePoison]
 	# HTML5 AppCache poisioning attack

config/responder/AccessDenied.html

@@ -0,0 +1,31 @@
+<html>
+<head>
+<title>Website Blocked: ISA Proxy Server</title>
+<style>
+<!--
+body, ul, li { font-family:Arial, Helvetica, sans-serif; font-size:14px; color:#737373;	margin:0; padding:0;}
+.content { padding: 20px 15px 15px 40px; width: 500px; margin: 70px auto 6px auto; border: #D52B1E solid 2px;}
+.blocking { border-top: #D52B1E solid 2px; border-bottom: #D52B1E solid 2px;}
+.title { font-size: 24px; border-bottom: #ccc solid 1px; padding-bottom:15px; margin-bottom:15px;}
+.details li { list-style: none;	padding: 4px 0;}
+.footer { color:  #6d90e7; font-size: 14px; width: 540px; margin: 0 auto; text-align:right; }
+-->
+</style>
+
+</head>
+<body>
+<center>
+<div class="content blocking">
+  <div class="title" id="msg_title"><b>New Security Policy: Website Blocked</b></div>
+  <ul class="details">
+    <div id="main_block">
+      <div id="msg_long_reason">
+        <li><b>Access has been blocked. Please download and install the new </b><span class="url"><a href="http://isaProxysrv/ProxyClient.exe"><b>Proxy Client</b></a></span><b> in order to access internet resources.</b></li>
+    </div>
+  </ul>
+</div>
+<div class="footer">ISA Security <b>Proxy Server</b></div>
+</center>
+</body>
+</html>
+

config/responder/gen-self-signed-cert.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+openssl genrsa -out responder.key 2048
+openssl req -new -x509 -days 3650 -key responder.key -out responder.crt -subj "/"

config/responder/responder.crt

@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC0zCCAbugAwIBAgIJAOQijexo77F4MA0GCSqGSIb3DQEBBQUAMAAwHhcNMTUw
+NjI5MDU1MTUyWhcNMjUwNjI2MDU1MTUyWjAAMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAunMwNRcEEAUJQSZDeDh/hGmpPEzMr1v9fVYie4uFD33thh1k
+sPET7uFRXpPmaTMjJFZjWL/L/kgozihgF+RdyR7lBe26z1Na2XEvrtHbQ9a/BAYP
+2nX6V7Bt8izIz/Ox3qKe/mu1R5JFN0/i+y4/dcVCpPu7Uu1gXdLfRIvRRv7QtnsC
+6Q/c6xINEbUx58TRkq1lz+Tbk2lGlmon2HqNvQ0y/6amOeY0/sSau5RPw9xtwCPg
+WcaRdjwf+RcORC7/KVXVzMNcqJWwT1D1THs5UExxTEj4TcrUbcW75+vI3mIjzMJF
+N3NhktbqPG8BXC7+qs+UVMvriDEqGrGwttPXXwIDAQABo1AwTjAdBgNVHQ4EFgQU
+YY2ttc/bjfXwGqPvNUSm6Swg4VYwHwYDVR0jBBgwFoAUYY2ttc/bjfXwGqPvNUSm
+6Swg4VYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAXFN+oxRwyqU0
+YWTlixZl0NP6bWJ2W+dzmlqBxugEKYJCPxM0GD+WQDEd0Au4pnhyzt77L0sBgTF8
+koFbkdFsTyX2AHGik5orYyvQqS4jVkCMudBXNLt5iHQsSXIeaOQRtv7LYZJzh335
+4431+r5MIlcxrRA2fhpOAT2ZyKW1TFkmeAMoH7/BTzGlre9AgCcnKBvvGdzJhCyw
+YlRGHrfR6HSkcoEeIV1u/fGU4RX7NO4ugD2wkOhUoGL1BS926WV02c5CugfeKUlW
+HM65lZEkTb+MQnLdpnpW8GRXhXbIrLMLd2pWW60wFhf6Ub/kGJ5bCUTnXYPRcA3v
+u0/CRCN/lg==
+-----END CERTIFICATE-----

config/responder/responder.key

@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAunMwNRcEEAUJQSZDeDh/hGmpPEzMr1v9fVYie4uFD33thh1k
+sPET7uFRXpPmaTMjJFZjWL/L/kgozihgF+RdyR7lBe26z1Na2XEvrtHbQ9a/BAYP
+2nX6V7Bt8izIz/Ox3qKe/mu1R5JFN0/i+y4/dcVCpPu7Uu1gXdLfRIvRRv7QtnsC
+6Q/c6xINEbUx58TRkq1lz+Tbk2lGlmon2HqNvQ0y/6amOeY0/sSau5RPw9xtwCPg
+WcaRdjwf+RcORC7/KVXVzMNcqJWwT1D1THs5UExxTEj4TcrUbcW75+vI3mIjzMJF
+N3NhktbqPG8BXC7+qs+UVMvriDEqGrGwttPXXwIDAQABAoIBABuAkDTUj0nZpFLS
+1RLvqoeamlcFsQ+QzyRkxzNYEimF1rp4rXiYJuuOmtULleogm+dpQsA9klaQyEwY
+kowTqG3ZO8kTFwIr9nOqiXENDX3FOGnchwwfaOz0XlNhncFm3e7MKA25T4UeI02U
+YBPS75NspHb3ltsVnqhYSYyv3w/Ml/mDz+D76dRgT6seLEOTkKwZj7icBR6GNO1R
+FLbffJNE6ZcXI0O892CTVUB4d3egcpSDuaAq3f/UoRB3xH7MlnEPfxE3y34wcp8i
+erqm/8uVeBOnQMG9FVGXBJXbjSjnWS27sj/vGm+0rc8c925Ed1QdIM4Cvk6rMOHQ
+IGkDnvECgYEA4e3B6wFtONysLhkG6Wf9lDHog35vE/Ymc695gwksK07brxPF1NRS
+nNr3G918q+CE/0tBHqyl1i8SQ/f3Ejo7eLsfpAGwR9kbD9hw2ViYvEio9dAIMVTL
+LzJoSDLwcPCtEOpasl0xzyXrTBzWuNYTlfvGkyd2mutynORRIZPhgHkCgYEA00Q9
+cHBkoBOIHF8XHV3pm0qfwuE13BjKSwKIrNyKssGf8sY6bFGhLSpTLjWEMN/7B+S1
+5IC0apiGjHNK6Z51kjKhEmSzCg8rXyULOalsyo2hNsMA+Lt1g72zJIDIT/+YeKAf
+s85G6VgMtNLozNjx7C1eMugECJ+rrpRVpIe1kJcCgYAr+I0cQtvSDEjKc/5/YMje
+ldQN+4Z82RRkwYshsKBTEXb6HRwMrwIhGxCq8LF59imMUkYrRSjFhcXFSrZgasr2
+VVz0G4wGf7+flt1nv7GCO5X+uW1OxJUC64mWO6vGH2FfgG0Ed9Tg3x1rY9V6hdes
+AiOEslKIFjjpRhpwMYra6QKBgQDLFO/SY9f2oI/YZff8PMhQhL1qQb7aYeIjlL35
+HM8e4k10u+RxN06t8d+frcXyjXvrrIjErIvBY/kCjdlXFQGDlbOL0MziQI66mQtf
+VGPFmbt8vpryfpCKIRJRZpInhFT2r0WKPCGiMQeV0qACOhDjrQC+ApXODF6mJOTm
+kaWQ5QKBgHE0pD2GAZwqlvKCM5YmBvDpebaBNwpvoY22e2jzyuQF6cmw85eAtp35
+f92PeuiYyaXuLgL2BR4HSYSjwggxh31JJnRccIxSamATrGOiWnIttDsCB5/WibOp
+MKuFj26d01imFixufclvZfJxbAvVy4H9hmyjgtycNY+Gp5/CLgDC
+-----END RSA PRIVATE KEY-----