O'Reilly logo

Web Penetration Testing with Kali Linux by Aamir Lakhani, Joseph Muniz

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Man-in-the-middle

A man-in-the-middle attack by standard definition is a form of active eavesdropping by having an attacker make independent connections with victims. The most common form of man-in-the-middle attacks are between host systems. Not too long ago, a vulnerability was found that abused the system that moves people from insecure to secure web pages. This gives attackers the ability to eavesdrop on users connecting to secure web servers. The next section will cover that vulnerability. Common man-in-the-middle attacks will be covered in later chapters in this book.

SSL strip

In 2009 security researcher Moxie Marlinspike at DefCon released SSL strip. He introduced the concept of SSL stripping, a man-in-the-middle attack in which a network ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required