Open Source BSD MiTM (Man-in-The-Middle) Attack Tools

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application. bWAPP helps security enthusiasts, developers and students to discover and to prevent web vulnerabilities. bWAPP prepares one to conduct successful penetration testing and ethical hacking projects. What makes bWAPP so unique? Well, it has over 100 web bugs! It covers all major known web vulnerabilities, including all risks from the OWASP Top 10 project. The focus is not just on one specific issue... bWAPP is covering a wide range of vulnerabilities! bWAPP is a PHP application that uses a MySQL database. It can be hosted on Linux/Windows with Apache/IIS and MySQL. It is supported on WAMP or XAMPP. Another possibility is to download bee-box, a custom VM pre-installed with bWAPP. This project is part of the ITSEC GAMES project. You can find more about the ITSEC GAMES and bWAPP projects on our blog. For security-testing and educational purposes only! Cheers Malik Mesellem

Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many feature for network and host analysis. Development has been moved to GitHub, https://github.com/Ettercap/ettercap

The WiFi-Pumpkin is a rogue AP framework to easily create these fake networks, all while forwarding legitimate traffic to and from the unsuspecting target. It comes stuffed with features, including rogue Wi-Fi access points, deauth attacks on client APs, a probe request and credentials monitor, transparent proxy, Windows update attack, phishing manager, ARP Poisoning, DNS Spoofing, Pumpkin-Proxy, and image capture on the fly. moreover, the WiFi-Pumpkin is a very complete framework for auditing Wi-Fi security check the list of features is quite broad.

Hyenae is a highly flexible platform independent network packet generator. It allows you to reproduce several MITM, DoS and DDoS attack scenarios, comes with a clusterable remote daemon and an interactive attack assistant. *** Hyenae is back *** Hyenae will be continued here: https://sourceforge.net/p/hyenae-ng

Don't let cumbersome web debugging tools hold you back. With Proxyman's native macOS app, you can capture, inspect, and manipulate HTTP(s) traffic with ease. Intuitive, thoughtful, and built with meticulous attention to detail. Dive into the network level to diagnose and fix problems with reliable and powerful tools. Proxyman acts as a man-in-the-middle server that captures the traffic between your applications and SSL Web Server. With a built-in macOS setup, so you can inspect your HTTP/HTTPS Request and Responses in plain text with just one click. Narrow down your search with Proxyman's Multiple Filters. You can combine complex filtered criteria like Protocol, Content-Type, URL, Request Header, Response Header, Body, etc that find exact what you're looking for.

zynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.

RTCP is a network man-in-the-middle service for protecting TCP, enabling fault-tolerant servers to recover their connections when restarting.

CookieMonster that demonstrates HTTP session hijacking attacks. It sniff your network interface and hijack all cookie. The hijacked cookies can be edit and/or injected in your Firefox. It include a arp poisoning tool.

GPP is a General Purpose Proxy Java graphical application intended mainly for packet inspection and modification. It's main idea is to be a little user-friendly portable man-in-the-middle tool for security analysis. Later, some protocols should be added

Mock in the Middle is a Java Proxy designed for testing network applications. It serves as a mock proxy between a client and a server. By recording and replaying network conversations, the client can later be tested without a live server.

Netstorm is a highly flexible, fast and plattform independent network security and reliability tester which allows you to setup real world low level flood attack scenarios (such as MITM, DoS and DDoS) within a local area network and on the internet.

Application proxy toolkit which inherits the ideology of TIS fwtk and maintains API backwards compatibility. The design goal is to make it simple yet powerful; no performance hacks allowed in the code and library dependencies are reduced to minimum.

Cross-platform high-level cryptographic library. Themis helps to build simple and complex cryptographic features easily, quickly, and securely. It’s a perfect fit for multi-platform apps. Themis hides cryptographic details and eliminates popular mistakes. Themis provides ready-made building blocks (“cryptosystems”) for secure data storage, message exchange, socket connections, and authentication. Secure Cell is a multi-mode cryptographic container suitable for storing anything from encrypted files to database records. Use Secure Cell to encrypt data at rest. Secure Cell is built around AES-256-GCM, and AES-256-CTR. Secure Message is a simple encrypted messaging solution for the widest scope of applications. Use Secure Message to send encrypted and signed data from one user to another, from client to server, to prevent MITM attacks and avoid single secret leakage. Based on ECC + ECDSA / RSA + PSS + PKCS#7.

TSeep is a local network proxy used to MITM SSL and other standard/non-standard TCP based protocols.

ISR-evilgrade: is a modular framework that allow us to take advantage of poor upgrade implementations by injecting fake updates.

Operative Systems Suported are: Linux-ubuntu, kali-linux, backtack-linux (un-continued), freeBSD, Mac osx (un-continued) Netool its a toolkit written using 'bash, python, ruby' that allows you to automate frameworks like Nmap, Driftnet, Sslstrip, Metasploit and Ettercap MitM attacks. this toolkit makes it easy tasks such as SNIFFING tcp/udp traffic, Man-In-The-Middle attacks, SSL-sniff, DNS-spoofing, D0S attacks in wan/lan networks, TCP/UDP packet manipulation using etter-filters, and gives you the ability to capture pictures of target webbrowser surfing (driftnet), also uses macchanger to decoy scans changing the mac address. Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)

EtherMan: Ethernet Man In The Middle Attack Tool. It is capable of forcing traffic between two hosts to pass by a third party (MITM) and then redirected to its original destination again. This program is written for educational reasons, and I am not res