The best MITM tool on Kali Linux MITMF
Injecting payload into softwares via HTTP
Mitm Attack MITMf Framework for Man In The Middle
Framework for Man-In-The-Middle attacks
Quick tutorials, examples and developer updates at: https://byt3bl33d3r.github.io
This tool is based on sergio-proxy and is an attempt to revive and update the project.
The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass.
As of version 0.9.8, MITMf supports active packet filtering and manipulation “basically what etterfilters did, only better”, allowing users to modify any type of traffic or protocol.
The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework: this allows you to tweak settings of plugins and servers while performing an attack.
MITMf will capture FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP, NTLMv1/v2 all supported protocols like HTTP, SMB, LDAP etc. and Kerberos credentials by using Net-Creds, which is run on startup.
Responder integration allows for LLMNR, NBT-NS and MDNS poisoning and WPAD rogue server support.