June 2017
Intermediate to advanced
338 pages
8h 28m
English
SSLstrip (https://moxie.org/software/sslstrip/ ) is an MITM attack tool created by a hacker by the name of Moxie Marlinspike that transparently intercepts HTTPS traffic and replaces any HTTPS links and redirects with HTTP look-alikes, which we can see are completely unprotected. This attack is like a test of browser configurations and user diligence, but it can also stress the importance of DNS Security, PKI, two-way certificate checks, and two-factor authorization.
Jason Beltrame and I wrote about it in our book Penetration Testing with the Raspberry Pi, Second Edtition (https://www.packtpub.com/networking-and-servers/penetration-testing-raspberry-pi-second-edition), but in this case, we'll forgo the physical ...
Read now
Unlock full access