Xplico
From charlesreid1
What is it
Xplico is for extracting application data from network traffic.
This might mean looking at a pcap file and extracting particular emails (POP/IMAP/SMTP protocols), HTTP contents, VoIP calls, FTP, TFTP, etc.
It is not a network protocol analyzer; it's a network forensics analysis tool (i.e., not for profiling, but for extracting, processing and sifting).
Xplico is released under the GNU General Public License.
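To make "extracting application data" concrete, here is an added Python sketch (not Xplico's code and not from the original page) that decodes a constructed pcap, reassembles the TCP stream and recovers the HTTP request that no single packet contains in full. It assumes classic pcap format, Ethernet/IPv4, no IP fragmentation, no sequence-number wraparound and no missing segments; the addresses, host name and path are made up.

```python
import struct
from collections import defaultdict

def build_sample_pcap():
    """Constructed capture: one HTTP request in two TCP segments, written out of order."""
    def frame(seq, payload):  # checksums left at 0; the parser below does not verify them
        tcp = struct.pack("!HHIIBBHHH", 49152, 80, seq, 0, 5 << 4, 0x18, 8192, 0, 0)
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(payload), 0, 0, 64, 6, 0,
                         bytes([192, 0, 2, 10]), bytes([198, 51, 100, 20]))
        return b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp + payload
    first, second = b"GET /report.pdf HTTP/1.1\r\nHo", b"st: files.example.test\r\n\r\n"
    pcap = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1: Ethernet
    for seq, payload in [(1000 + len(first), second), (1000, first)]:
        f = frame(seq, payload)
        pcap += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return pcap

def tcp_streams(pcap):
    """Decode Ethernet/IPv4/TCP; return {flow: payload bytes joined in sequence order}."""
    end = "<" if pcap[:4] == b"\xd4\xc3\xb2\xa1" else ">"
    magic, link = struct.unpack(end + "I16xI", pcap[:24])
    if magic != 0xA1B2C3D4 or link != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    segments, off = defaultdict(dict), 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        pkt, off = pcap[off + 16:off + 16 + incl], off + 16 + incl
        if len(pkt) < 54 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue  # not IPv4 carrying TCP
        tcp = 14 + (pkt[14] & 0x0F) * 4
        if len(pkt) < tcp + 20:
            continue  # truncated TCP header
        total = struct.unpack("!H", pkt[16:18])[0]
        sport, dport, seq = struct.unpack("!HHI", pkt[tcp:tcp + 8])
        data = pkt[tcp + (pkt[tcp + 12] >> 4) * 4:14 + total]
        if data:
            flow = (pkt[26:30], sport, pkt[30:34], dport)
            segments[flow].setdefault(seq, data)  # keep first copy, drop retransmissions
    return {f: b"".join(s[q] for q in sorted(s)) for f, s in segments.items()}

def http_requests(pcap):
    """Return (method, host, path) for each stream that begins with an HTTP request."""
    found = []
    for stream in tcp_streams(pcap).values():
        head = stream.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        request = head[0].split(" ")
        if len(request) == 3 and request[2].startswith("HTTP/"):
            hdrs = dict(l.split(": ", 1) for l in head[1:] if ": " in l)
            found.append((request[0], hdrs.get("Host", ""), request[1]))
    return found
```

`http_requests(build_sample_pcap())` returns the request even though the `Host` header is split across two segments and the second segment is stored first in the file, which is why extraction has to work on reassembled streams rather than on individual packets.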
Installing
Required packages:
apt-get install libgeoip-dev libndpi-dev libsqlite3-dev libpq-dev libmysql++-dev libjson-c-dev
Install package:
git clone git://git.kali.org/packages/xplico.git
cd xplico
make