Subterfuge - An Automated Man-in-the-Middle Attack (MITM) Framework
Subterfuge is a powerful framework that is capable of making the art of the man-in-the-middle attacks as simple as point and shoot. What sets Subterfuge apart from other attack tools is that it is easy to use and more effective.
"Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly into their browsing sessions."
A rapidly-expanding portion of today's Internet strives to increase personal efficiency by turning tedious or complex processes into a framework which provides instantaneous results.
On the contrary, much of the information security community still finds itself performing manual, complicated tasks to administer and protect their computer networks.
Given the increase in automated hacking tools, it is surprising that a simplistic, "push-button" tool has not been created for information security professionals to validate their networks’ ability to protect against a Man-In-The-Middle attack.
Subterfuge is a small but devastatingly effective credential-harvesting program which exploits a vulnerability in the Address Resolution Protocol. It does this in a way that a non-technical user would have the ability, at the push of a button, to harvest all of the usernames and passwords of victims on their connected network, thus equipping information and network security professionals with a "push-button" security validation tool.
Walk into Starbucks, plop down a laptop, click start, watch the credentials roll in. It is that easy!
Source: www.effecthacking.com
Subterfuge - An Automated Man-in-the-Middle Attack (MITM) Framework
Reviewed by Anonymous
on
6:29 AM
Rating: