[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework
Subterfuge, a Framework to take the arcane art of
Man-in-the-Middle Attacks and make it as simple as point and shoot.
Subterfuge demonstrates vulnerabilities in the ARP Protocol by
harvesting credentials that go across the network and even exploiting
machines by injecting malicious code directly into their browsing
sessions.
The first step in any Subterfuge attack is gaining a Man-in-the-Middle position. Currently, Subterfuge only ships with one method of establishing itself as MITM, ARP Cache Poisoning. Nevertheless, as a framework, its modular design allows it to support multiple methods.
Some used attacks
- ARP Cache Poisoning
- Dynamic Poison Retention & ARPBLock
Subterfuge comes with modules that give the ability
to leverage the position quickly and easily. Moreover, if your needs are
particularly specific, you can create a module for Subterfuge without
the need to launch your own attack from scratch. Subterfuge comes
packaged with several default modules that you can use to great effect.
List of some integrated modules
- Credential Harvester
- Session Hijacking
- HTTP Code Injection
- Denial of Service
- Tunnel Block
- Network View
- Evilgrade
Version 1.0 is the first release of Subterfuge to have come out of
Beta! It includes significant package upgrades, compatibility fixes, a
modified interface, and a whole new packaging system.
The tool comes with a rich documentation and examples. Take care to go through the website.
[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework
![[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjZyReCwc25e1Dy9gFieXbcnlivjm6hWCEnCnSAV2_PPBT_eT-exC3PJgBaT3eI_9jQeebvnDPDAir9je3ZJkFaRKIgkTdAlFAHzn5hFrfiS25v7mMpPqJdtSmHDE0oapKW3wmorDpWV6M/s72-c/SubterfugeWallpaper.png)
Reviewed by Zion3R
on
1:59 PM
Rating:
Reviewed by Zion3R
on
1:59 PM
Rating:
