Pentest Tools

Published on June 19th, 2015 📆 | 6142 Views ⚑


TheWind – a MITM attack tool

TheWind is a MITM attack tool
Aims to do man in the middle attacks on multiple application layer protocols. for now, it only supports SSL protocol.
+ Utilize Scapy ( to parse packets
+ Utilize Scapy-SSL/TLS ( to support for parsing/building SSL/TLS in Scapy.

[adsense size='1']

Features :
– SSL Freak Attack
Change and updates 15/06/2015:
–  add openvpn packet parse support.

Installation :
1) mv to ./scapy/layers
2) modify ./scapy/ to autoload ssl_tls layer

Usage :
1. redirect traffic to port 8888: iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT –to-port 8888 or rdr on xxiface inet proto tcp from to any port = 443 -> port 8888
2. edit to import the right file, for example, add import freak to launch the SSL FREAK attack
3. you can write your own module to implement a specific ssl attack, the compulsory funtions you need to supply are those in

[adsense size='1']
4. if man in the middle wants to connect to another server, set useOrinAddr = False, then set ip, port
5. set doProcess = True to make the process functions take effect

Download:  | Clone Url
Source :

Tagged with:

Comments are closed.