I Use This!
Activity Not Available
Analyzed 6 months ago. based on code collected 6 months ago.

Project Summary

The Middler is a Man in the Middle tool to demonstrate protocol middling attacks. Led by Jay Beale, the project involves a team of authors including InGuardians agents Justin Searle and Matt Carpenter. The Middler is intended to man in the middle, or "middle" for short, every protocol for which we can create code.

In our first alpha release, we released a core built by Matt and Jay, with introductory plug-ins by Justin and InGuardians agent Tom Liston. It runs on Linux and Mac OS X, with most of the code functional on Windows.

The current codebase is in the beta state, with a full release coming soon, with better documentation (see the wiki), easier installation, and even more plug-ins, at least if Justin has his way!

Plug-InsJustin and Tom's first plug-ins were very cool:

plugin-beef.py - inject the Browser Exploitation Framework (BeEF) into any HTTP requests originating on the local LAN plugin-metasploit.py - inject an IFRAME into cleartext (HTTP) requests that loads Metasploit browser exploits plugin-keylogger.py - inject a JavaScript onKeyPress event handler to cleartext forms that get submitted via HTTPS, forcing the browser to send the password character-by-character to the attacker's server, before the form is submitted. Justin has refinements to these on the way, as well as a batch of so-far unreleased modules.

The author team has done a tremendous amount of research, design and pseudo-code work, fleshing out attacks on web-based e-mail systems and social networking sites. We'll be standing up an external Wiki soon to share more of these ideas, but you can get early details from our slides from Jay and Justin's talks at Def Con and ShmooCon.

Dependencies:The Middler depends on the following Python modules:

scapy libpcap readline libdnet Please see the wiki for platform-specific installation instructions.

People:Justin Searle - Co-Author Matt Carpenter - Emeritus Co-Author Tom Liston - Emeritus Co-author Brandon Edwards - Co-Author, focus on Installation and Update MitM Jay Beale - Co-Author and Project Lead The project will soon be joined by Brandon Edwards, who brings his research on Installation and Update security.

Special Pre-Announcement:Co-author Justin Searle will be teaching a Middling for Penetration Testers class. You'll learn how to both use and add on to the Middler and other MitM tools. It promises to be very, very useful.

In a Nutshell, middler...

This Project has No vulnerabilities Reported Against it

Did You Know...

  • ...
    Black Duck offers a free tool to discover if there are open source vulnerabilities in your code
  • ...
    learn about Open Hub updates and features on the Open Hub blog
  • ...
    in 2016, 47% of companies did not have formal process in place to track OS code
  • ...
    anyone with an Open Hub account can update a project's tags

30 Day Summary

Apr 10 2016 — May 10 2016

12 Month Summary

May 10 2015 — May 10 2016


Be the first to rate this project
Click to add your rating
   Spinner f6ecff617ec2ba7f559e6f535cad9b70a3f91120737535dab4d4548a6c83576c
Review this Project!