Mitmproxy.org How MITMproxy has been slaying SSL …
How MITMproxy has been slaying SSL Dragons
OWASP
April 14 2012
Jim Cheetham University of Otago Information Security Office jim.cheetham@otago.ac.nz
Copyright ? The University of Otago Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 3.0 New Zealand (CC BY-SA 3.0) licence.
The OWASP Foundation
Introduction
What is MITMproxy? Why is it useful? Dragon-slaying successes How does it work? How do we use it? (Demos)
OWASP
2
What is MITMproxy?
"An SSL-capable man-in-the-middle proxy" Generic pentest/debug tool Interactive, console based ? intercept &| modify Passive ? like tcpdump/tshark Replay previous data Preserve cookies & authentication Extensible ? invoke Python modules
Or system commands
Programmable via libmproxy
OWASP
3
Not just good looks
OWASP
4
Project maturity
Initial: v0.2 ? March 2010 Current: v0.8 ? 9 April 2012 License: GPL v3 (+OpenSSL) Author: Aldo Cortesi
Network security, penetration testing, security architecture, source audits, risk assessment, software development
OWASP
5
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related searches
- how long has man been around
- how long has been out
- how long has wikipedia been around
- how long has cosmetic surgery been around
- has been vs have been grammar
- have been or has been grammar rule
- has been or have been grammar rules
- has been have been difference
- has been and had been difference
- has been have been grammar
- has been or have been examples
- how long has amazon been in business