Search Results for "using"

Inspecting a mobile app's HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However, with the Network Security Configuration introduced in Android 7 and app developers trying to prevent MITM attacks using certificate pinning, getting an app to work with an HTTPS proxy has become quite tedious.

proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections....

Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Replace unreliable test systems and restrictive API sandboxes with high-performance simulations in seconds. Run on MacOS, Windows or Linux, or use native Java or Python language bindings to get started quickly. Simulate API latency or failure when required by writing custom scripts in the language of your choice.

Betwixt will help you analyze web traffic outside the browser using familiar Chrome DevTools interface. Download the latest release for your operating system, build your own bundle or run Betwixt from the source code. In order to capture traffic, you'll have to direct it to the proxy created by Betwixt in the background.

...Rootsector module allows you to automate some attacks over DNS_SPOOF + MitM (phishing - social engineering) using metasploit, apache2 and ettercap frameworks. Like the generation of payloads, shellcode, backdoors delivered using dns_spoof and MitM method to redirect a target to your phishing webpage. recent as introducted the scanner inurlbr (by cleiton)

...It can also be used for testing and rating ciphers on SSL clients. It has also specific support for pop3s, sip, smtp and explicit ftps. Tests for heartbleed (including dtls). Furthermore a separate tool, SSLPressure, not using openssl can be used to check the whole spectrum of possible SSL protocols on a server. Can also be used for testing ssl for mssql-servers (was added since nessus did not support this) and contains mitm poc for stripping ssl from mssql-connections.

...Wave is a compact framework that does not include bloated libraries and features and is developed keeping lightweight speed and optimizations in mind. While not necessary for using Wave Framework, it comes by default with a URL and View controllers intended for building websites by solving URL requests and loading views. Mercurial and Git repositories is available for developers who are interested in following the development. Official website and documentation: http://www.waveframework.com Social networks for latest news: Google+ - http://plus.google.com/106969835456865671988 Facebook - http://www.facebook.com/waveframework Twitter - http://www.twitter.com/WWWFramework

ARP Poisoning - Show denial of service and man in the middle attacks using raw socket in c http://proxytype.blogspot.com

NetBox is a software programmed in C for testing vulnerabilities in the network. Using this software you can attack your network using a combination of differents known attacks (ARP or DNS Spoofing, MITM, ...) and detect bugs of security.