mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-07 13:32:18 -07:00

Framework for Man-In-The-Middle attacks

Find a file

byt3bl33d3r 129db99395 updated readme		2014-07-16 04:34:57 +02:00
app_cache_poison	initial commit	2014-07-07 13:40:49 +02:00
bdfactory@63ae286b54	added submodule bdfactory	2014-07-12 08:31:09 +02:00
plugins	removed a print statement	2014-07-15 22:51:37 +02:00
sslstrip	fixed error in jskeylogger output	2014-07-16 04:28:15 +02:00
.gitignore	filepwn plugin intial commit	2014-07-12 17:18:32 +02:00
.gitmodules	added submodule bdfactory	2014-07-12 08:31:09 +02:00
filepwn.cfg	added config file for FilePwn plugin	2014-07-12 17:22:53 +02:00
LICENSE	Initial commit	2014-07-07 13:13:51 +02:00
lock.ico	initial commit	2014-07-07 13:40:49 +02:00
mitmf.py	removed a print statement	2014-07-15 22:51:37 +02:00
msfrpc.py	added JavaPwn plugin	2014-07-15 17:47:42 +02:00
README.md	updated readme	2014-07-16 04:34:57 +02:00

MITMf

Framework for Man-In-The-Middle attacks

This tool is completely based on sergio-proxy https://code.google.com/p/sergio-proxy/ and is an attempt to revive and update the project.

So far the most significant changes have been:

Arpspoof plugin has been completely re-written to use scapy (Now able to poison via arp-requests and arp-replies)
Usage of third party tools has been completely removed (e.g. ettercap)
Addition of the BrowserProfiler plugin
Addition of the JsKeylogger plugin
FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory
https://github.com/secretsquirrel/the-backdoor-factory
Added msfrpc.py for interfacing with Metasploits rpc server
Addition of the app-cache poisoning attack by Krzysztof Kotowicz
JavaPwn plugin now live! Auto-detect and exploit clients with out-of-date java plugins using the Metasploit Frameworks rpc interface!!

Coming Soon: