Displaying 1 to 20 from 45 results

bettercap - A complete, modular, portable and easily extensible MITM framework.

  •    Ruby

bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack. All dependencies will be automatically installed through the RubyGems system but in some cases you might need to install some system dependency in order to make everything work.

betwixt - :zap: Web Debugging Proxy based on Chrome DevTools Network panel.

  •    Javascript

Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Download the latest release for your operating system, build your own bundle or run Betwixt from the source code.

BDFProxy - Patch Binaries via MITM: BackdoorFactory + mitmProxy. (NOT SUPPORTED)

  •    Python

For security professionals and researchers only. About 18 minutes in is the BDFProxy portion.

bettercap - The Swiss Army knife for 802

  •    Go

bettercap is the Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and attacks. A precompiled version is available for each release, alternatively you can use the latest version of the source code from this repository in order to build your own binary.




shuttle - A web proxy in Golang with amazing features.

  •    Go

Shuttle is a cross-platform network proxy tool based on Go. Download the zip file from release and unzip it. The Folder structure is shown below.

MITMf - Framework for Man-In-The-Middle attacks

  •    Python

This project is no longer being updated. MITMf was written to address the need, at the time, of a modern tool for performing Man-In-The-Middle attacks. Since then many other tools have been created to fill this space, you should probably be using Bettercap as it is far more feature complete and better maintained. This tool is based on sergio-proxy and is an attempt to revive and update the project.

mitmAP - 📡 A python program to create a fake AP and sniff data.

  •    Python

I'm not responsible for anything you do with this program, so please only use it for good and educational purposes.

hoverfly - Lightweight service virtualization/API simulation tool for developers and testers

  •    Go

Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Hoverfly is developed and maintained by SpectoLabs.


ssh-mitm - SSH man-in-the-middle tool

  •    Shell

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on.

proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go

  •    Go

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. This will display help for the tool. Here are all the switches it supports.

hetty - Hetty is an HTTP toolkit for security research.

  •    Go

Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community. ℹī¸ Hetty is in early development. Additional features are planned for a v1.0 release. Please see the backlog for details.

injectify - Perform advanced MiTM attacks on websites with ease 💉

  •    TypeScript

Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension).

pokemon-go-mitm - 🎁 Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go app and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience on the fly

  •    CoffeeScript

Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.

SSLsplit - Transparent SSL/TLS interception

  •    C

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a network address translation engine. SSLsplit then terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted.

injectify - Perform advanced MiTM attacks on websites with ease 💉

  •    TypeScript

Injectify is a modern web based MiTM tool, similiar to BeEF (although completely unrelated in terms of source code). It features cross-platform clients (Web, Desktop, Browser extension).

bettercap-ng - bettercap-ng is a complete reimplementation of bettercap, the Swiss army knife for network attacks and monitoring

  •    Go

bettercap-ng is a complete reimplementation of bettercap, the Swiss army knife for network attacks and monitoring. It is faster, stabler, smaller, easier to install and to use. In this repository, BetterCAP is containerized using Alpine Linux - a security-oriented, lightweight Linux distribution based on musl libc and busybox. The resulting Docker image is relatively small and easy to manage the dependencies.

rocky - Full-featured, middleware-oriented, programmatic HTTP and WebSocket proxy for node.js

  •    Javascript

A multipurpose, full-featured, middleware-oriented and hackable HTTP/S and WebSocket proxy with powerful built-in features such as versatile routing layer, traffic interceptor and replay to multiple backends, built-in balancer, traffic retry/backoff logic, hierarchical configuration, among others. Built for node.js/io.js.rocky can be fluently used programmatically or via command-line interface. It's framework agnostic, but you can optionally plug in with connect/express apps.

node-http-mitm-proxy - HTTP Man In The Middle (MITM) Proxy

  •    Javascript

HTTP Man In The Middle (MITM) Proxy written in node.js. Supports capturing and modifying the request and response data. type definitions are now included in this project, no extra steps required.

gattacker - A Node

  •    Javascript

A Node.js package for BLE (Bluetooth Low Energy) Man-in-the-Middle & more. If you run "central" and "peripheral" modules on separate boxes with just one BT4 interface, you can leave the values commented.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.