Kali Linux tools

salman reza
2 min readAug 22, 2021

This week I will share 5 tools that can be used for sniffing and spoofing.\

  1. Mitmproxy -In a man-in-the-middle (MitM) attack, the attacker interjects themselves into communication between a client and a server. All traffic that flows over that connection passes through the attacker, potentially enabling them to eavesdrop on the traffic and modify the data flowing over the network. Kali Linux’s mitmproxy makes it easier to perform MitM attacks on web traffic. It allows on-the-fly capture and modification of HTTP traffic, supports client and server traffic replay, and includes the ability to automate attacks with Python. Mitmproxy also supports the interception of HTTPS traffic with SSL certificates created on the fly.
  2. Burp Suite is a suite of several different tools for penetration testing. It is focused on the security analysis of web applications. One tool in Burp Suite that is useful for sniffing and spoofing attacks is the Burp Proxy. Burp Proxy allows interception and modification of HTTP connections and offers support for HTTPS interception as well. Burp Suite works on a freemium model. The basic tools are available for free, but attacks need to be performed manually without the ability to save work.
  3. Hamster is a tool or “sidejacking”. It acts as a proxy server that replaces your cookies with session cookies stolen from somebody else, allowing you to hijack their sessions. Cookies are sniffed using the Ferret program. You need a copy of that as well.
  4. SCTPscan is a tool to scan SCTP-enabled machines…

--

--