Xplico: Difference between revisions
From charlesreid1
No edit summary |
(→Flags) |
||
| Line 31: | Line 31: | ||
{{MITMFlag}} | {{MITMFlag}} | ||
[[Category:Kali]] | |||
[[Category:January 2018]] | |||
Latest revision as of 15:31, 26 January 2018
What is it
Xplico is for extracting application data from network traffic.
This might mean looking at a pcap file and extracting particular emails (pop/imap/smtp protocols), http contents, voip calls, ftp, tfpt, etc.
It is not a network protocol analyzer, it s a network forensics analysis tool (i.e., not for profiling - for extracting and processing and sifting).
Xplico is released under the GNU General Public License.
Installing
Required packages:
apt-get install libgeoip-dev libndpi-dev libsqlite3-dev libpq-dev libmysql++-dev libjson-c-dev
install package:
git clone git://git.kali.org/packages/xplico.git cd xplico make
Flags
 |
monkey in the middle attacks in which an attacker tricks two parties into thinking they're communicating with each other, but both are communicating with the attacker.
Wireless Attacks: MITM/Wireless Wired Attacks: MITM/Wired
Layer 1 and 2 MITM Attacks: Network Tap: MITM/Wired/Network Tap Evil Twin Attack: Evil Twin · MITM/Evil Twin
Layer 3 and 4 MITM Attacks:
ARP Poisoning: MITM/ARP Poisoning Traffic Injection/Modification: MITM/Traffic Injection DNS Attacks: MITM/DNS · Bettercap/Failed DNS Spoofing Attack · Bettercap/Failed DNS Spoofing Attack 2 DHCP Attacks: MITM/DHCP WPAD MITM Attack: MITM/WPAD Port Stealing: MITM/Port Stealing Rushing Attack: MITM/Rushing Attack Attacking HTTPS: MITM/HTTPS
Session Hijacking: MITM/Session Hijacking
Toolz:
SSLSniff · SSLStrip · Frankencert
MITM Labs: {{MITMLabs}}
Category:MITM · Category:Attacks · Category:Kali Attack Layers Template:MITMLabs · Template:MITMFlag Flags · Template:MITMFlag · e |