Offensive security concepts

Compiled resources

List of compiled references for the "MitM attack" section


Last updated 10 months ago

ARP spoof

  • arpspoof: intercept packets on a switched LAN | dsniff System Administration | Man Pages | ManKier
  • Ping spoof script: network-offensive-security-experimentations/ping-spoof/ping-spoof.py at main · Jarrettgohh/network-offensive-security-experimentations (GitHub)
  • Information security stack exchange post: Possible workaround for IP-MAC binding security feature on routers (Information Security Stack Exchange)
  • TP-LINK router firewall IP-MAC binding: configuring_firewall

DNS spoof

  • dnsspoof: forge replies to DNS address / pointer queries | dsniff System Administration | Man Pages | ManKier
  • DNS hosts file format: hosts: static table lookup for hostnames | File Formats | Man Pages | ManKier

HTTP MitM attack

  • c-sockets/mitm_proxy_http_hijack.c at main · Jarrettgohh/c-sockets (GitHub)

ICMP redirect attack

  • ICMP Redirect Attacks in the Wild (__agwa)
  • ICMP redirect attacks with Scapy (Ivan's IT learning blog)