bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack. All dependencies will be automatically installed through the RubyGems system but in some cases you might need to install some system dependency in order to make everything work.
bettercap mitm man-in-the-middle spoofing security security-audit tls proxy ettercap sslstripBetwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Download the latest release for your operating system, build your own bundle or run Betwixt from the source code.
capture-traffic proxy electron chrome-devtools mitm traffic devtoolsFor security professionals and researchers only. About 18 minutes in is the BDFProxy portion.
bdf bdfproxy mitmproxy mitm-attacks mitmbettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks. A precompiled version is available for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary.
bettercap bettercap-ng password-sniffer mitm man-in-the-middle rogue-ap wireless wifi hacking security spoofing proxy golang-application wifi-security deauthentication-attack dot11 network-attacks monitoringShuttle is a cross-platform network proxy tool based on Go. Download the zip file from release and unzip it. The Folder structure is shown below.
shadowsocks proxy mitm dns ss-localThis project is no longer being updated. MITMf was written to address the need, at the time, of a modern tool for performing Man-In-The-Middle attacks. Since then many other tools have been created to fill this space, you should probably be using Bettercap as it is far more feature complete and better maintained. This tool is based on sergio-proxy and is an attempt to revive and update the project.
mitm man-in-the-middle frameworkI'm not responsible for anything you do with this program, so please only use it for good and educational purposes.
pentesting hacking wifi fake-ap kali-linux infosec mitm access-point wirelessHoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Hoverfly is developed and maintained by SpectoLabs.
api-simulation proxy mitm testing-tools mocking stubbing service-virtualization http https testing hoverflyThis penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on.
penetration-testing ssh mitm man-in-the-middle man-in-the-middle-attack hackingInjectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension).
mitm xss console-replication typescript nodejs modular reactjs redux webpack github-oauth mongodbPokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.
pokemon mitm mitmproxy coffeescript pokemon-go man-in-the-middlebettercap-ng is a complete reimplementation of bettercap, the Swiss army knife for network attacks and monitoring. It is faster, stabler, smaller, easier to install and to use. In this repository, BetterCAP is containerized using Alpine Linux - a security-oriented, lightweight Linux distribution based on musl libc and busybox. The resulting Docker image is relatively small and easy to manage the dependencies.
bettercap bettercap-ng password-sniffer mitm man-in-the-middle rogue-ap wireless wifi hacking security spoofing proxy golang-applicationA multipurpose, full-featured, middleware-oriented and hackable HTTP/S and WebSocket proxy with powerful built-in features such as versatile routing layer, traffic interceptor and replay to multiple backends, built-in balancer, traffic retry/backoff logic, hierarchical configuration, among others. Built for node.js/io.js.rocky can be fluently used programmatically or via command-line interface. It's framework agnostic, but you can optionally plug in with connect/express apps.
http-proxy replay-requests middleware proxy replay gateway microservice forward-proxy forward balancer http websocket reverse migration migrate repeat traffic router intercept interceptor capture sniffer mitm load hackableA Node.js package for BLE (Bluetooth Low Energy) Man-in-the-Middle & more. If you run "central" and "peripheral" modules on separate boxes with just one BT4 interface, you can leave the values commented.
bluetooth ble bluetooth-low-energy bluetooth-smart mitm man-in-the-middle debug proxyThis is an example of a Bonjour/Zeroconf Man-in-the-Middle attack. This software showcases the attack of an IPP enabled printer. It will intercept all print jobs sent to the target printer.This attack only works for Bonjour/Zeroconf and IPP enabled printers. Only jobs sent from clients that have the printer configured using Bonjour/Zeroconf will have their jobs intercepted.
ipp print printer intercept man-in-the-middle mitm mim mitma attack dns-sd dnssd bonjour zeroconfmitm-server exports a function that opens a proxy server. This server can be used as a system level proxy, or by a specific browser or application. Every request made through this proxy will be passed to the handler function as a req res pair. The handler can then write an arbitrary response. The proxy server is designed to work with https connections, and therefore needs to be initialized with a root certificate. This root certificate is used to generate certs for each https domain. For https requests to work correctly, the request application (or os) will need to either ignore ssl errors, or trust the root cert used by the proxy.handler will be passed 3 arguments for each inbound request.
mitm proxy serverRun this and it will automatically listen at port 8128. This example will work as both a regular HTTPS proxy (via CONNECT) as well as a transparent HTTPS proxy (via SNI). The proxy will log bodies for all HTTP responses, and only HTTPS responses that fit '*.github.com' (note that the asterisk only works one level deep, see the SSL Certificates section).
proxy http https mitm intercept transparent
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.