If you are looking for a comprehensive suite that can protect Man In The Middle attacks, Ettercap is the best option. It has features that can sniff live connections along with filtering of live content and offers many other interesting tricks. It has the capability to support both active and passive dissections of many protocols and also has features that are useful for host and network analysis.
Wireshark offers tools and technologies that are useful in data packet analysis. Packet analysis made easy with Wireshark package software and helps the users to analyse the data gathered. It offers quick access to huge pcap files. It offers visually rich and powerful LAN analyser tools. It offers professional and customisable reports along with advanced alerts and triggers.
Burp Suit
It is an integrated platform that performs security testing for many web applications. The testing process becomes seamless and easy as various tools integrated in it work together to fetch the desired result. The tools start testing from the process of initial mapping and analysis of the surface that is under attack and renders the process through to find and exploit the security vulnerabilities.
TCP Dump
This is a powerful command line packet analyser tool, which is a portable C or C++ library that captures network traffic. After the dump is captured, the tool prints out the content description related to the packets on the network interface. It matches the Boolean expression and it is preceded by the time stamp so that it can be easily understood when the dump was captured.
Snort is an open source intrusion prevention system that has the capability of analyzing real-time packet logging and traffic analysis. With over 4 million downloads and about 500,000 active users, Snort is ruling the market quite comfortably compared to its competitors. It is the most widely deployed intrusion prevention system worldwide.
This is an interactive console program that ensures flowing traffic is first intercepted followed by inspection and modification, which is ultimately replayed. It also offers two others programs – mitmdump, which is a TCPdump for HTTP having the similar functionality as Mitmproxy but without the frills and the second one is libmproxy, which is a library that implements powerful interception proxies.
This is a mocking tool that helps in mocking external HTTP resources like REST APIs and web services in the tests. The inspiration for the project was actually the VCR library and was meant mainly for Ruby programing. When you are using Betamax, you don’t need to worry about network problems, resource constraints or third party downtime that hinder your testing process.
It is a free web debugging proxy that can run in any system, platform or browser. The key features of this tool include performance testing, web debugging, HTTP as well as HTTPS traffic recording, manipulation of web session, security testing; the tool is customisable as well. Whether you have Android, Mac or Windows – Fiddler can run debugging program in any machine irrespective of platform or browser.
Node Replay
This program is meant for recording and replaying the HTTP responses when you see API system is slowing you down. Node Replay records the API response just once and replays the same as and when it is necessary. The program does not get stuck and also stubs HTTP requests. It is a great tool for testing error handling as it replay different responses to the same requests.
This is a record and replay library for testing that is useful for Python HTTP. This library can support network requests that are made through urllib >= 0.6, httplib and requests >=1.2.3 including version 2.x. It is easy to install through PIP installation guide. The easiest way through which it can be used is the context manager.
It is a man-in-the-middle traffic and SSL proxy analyser tool. The tool is lightweight and allows live HTTP and HTTPS traffic inspection and analysis. It mainly aims to facilitate the features that are useful in network forensics and malware analysis. It also has the feature of saving HTTP conversations that can be used later.
It is a Java based man-in-the-middle SSL proxy. The features of this proxy have the capability to terminate the proxied HTTPS requests and resend the same to the remote server. The server certificate provided with the tool is up-to-date and is dynamically generated and signed by the proxy itself. It contains most of the same fields like that of the original webserver certificate.
It is a Java based man-in-the-middle SSL proxy. The features of this proxy have the capability to terminate the proxied HTTPS requests and resend the same to the remote server. The server certificate provided with the tool is up-to-date and is dynamically generated and signed by the proxy itself. It contains most of the same fields like that of the original webserver certificate.
Charles Proxy
This is a HTTPS man-in-the-middle proxy that enables you to see the communication between the SSL web server and web browser in the form of plain text. This proxy dynamically generates and signs the certificate so that your browser does not see it. It carries out functions like throttling, breakpoints, SSL proxying, reverse proxy and port forwarding.