MITMf – Framework for Man-In-The-Middle attacks

MITMF is another framework that can be used for man-in-the-middle attack. the tool is python based and have several plugins that adds more functionality during a penetration test. some of useful plugins are:

    • jskeylogger – this plugin injects a javascript keylogger into clients webpages to have all victim keystrokes on the webpage.
    • JavaPwn – Performs drive-by attacks on clients with out-of-date java browser plugins this can be integrated with Metasploit to install the fake java update with exploit.
    • FilePwn – This plugin uses the-backdoor-factory to patch executables and zip files being sent over http
    • Spoof – Redirect traffic using ARP Spoofing, DNS Spoofing or ICMP Redirects
    • BrowserProfiler – this plugin will check type of client browser it will help in identifying any vulnerabilities

 MITMfscreenshot for MITMf on Kali (click to enlarge)

The tool have integration for sslstrip and it have many modules for pentesting the network.  If you are going to use this tool with kali you need to add some python module such as pefile, nfqueue.  You can download the tool over this link: https://github.com/byt3bl33d3r/MITMf

Share