performing-ssl-stripping-attack

Featured

Simulates SSL stripping attacks using sslstrip, Bettercap, and mitmproxy in authorized environments to test HSTS enforcement, certificate validation, and HTTPS upgrade mechanisms that protect users from downgrade attacks on encrypted connections.

AI & Automation 12,642 stars 1468 forks Updated today Apache-2.0

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Performing SSL Stripping Attack ## When to Use - Testing whether web applications properly enforce HTTPS through HSTS headers and redirect chains - Validating that HSTS preloading is correctly configured and registered in browser preload lists - Demonstrating the risk of cleartext HTTP to stakeholders during authorized security assessments - Assessing whether internal applications and thick clients validate TLS certificates and reject downgrades - Training SOC teams to detect SSL stripping indicators in network traffic **Do not use** against networks or applications without explicit written authorization, to intercept real user credentials, or against production systems during business hours without change management approval. ## Prerequisites - Written authorization specifying in-scope applications and approved attack techniques - Bettercap 2.x or sslstrip2 installed on the attacker machine - ARP spoofing or other MITM positioning established (see ARP spoofing skill) - IP forwarding enabled on the attacker machine - Wireshark for verifying attack success and capturing evidence - Test accounts (not real user credentials) for demonstrating credential interception > **Legal Notice:** This skill is for authorized security testing and educational purposes only. Unauthorized use against systems you do not own or have written permission to test is illegal and may violate computer fraud laws. ## Workflow ### Step 1: Establish MITM Position ```bash # Enable IP forwarding ...

Details

Author
mukul975
Repository
mukul975/Anthropic-Cybersecurity-Skills
Created
3 months ago
Last Updated
today
Language
Python
License
Apache-2.0

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

conducting-man-in-the-middle-attack-simulation

Simulates man-in-the-middle attacks using Ettercap, mitmproxy, and Bettercap in authorized environments to intercept, analyze, and modify network traffic for testing encryption enforcement, certificate validation, and detection capabilities.

12,642 Updated today
mukul975
AI & Automation Featured

performing-arp-spoofing-attack-simulation

Simulates ARP spoofing attacks in authorized lab or pentest environments using arpspoof, Ettercap, and Scapy to demonstrate man-in-the-middle risks, test network detection capabilities, and validate ARP inspection countermeasures.

12,642 Updated today
mukul975
AI & Automation Featured

performing-bandwidth-throttling-attack-simulation

Simulates bandwidth throttling and network degradation attacks using tc, iperf3, and Scapy in authorized environments to test quality-of-service controls, application resilience, and network monitoring detection of traffic manipulation attacks.

12,642 Updated today
mukul975
AI & Automation Featured

performing-csrf-attack-simulation

Testing web applications for Cross-Site Request Forgery vulnerabilities by crafting forged requests that exploit authenticated user sessions during authorized security assessments.

12,642 Updated today
mukul975
AI & Automation Featured

performing-web-cache-deception-attack

Execute web cache deception attacks by exploiting path normalization discrepancies between CDN caching layers and origin servers to cache and retrieve sensitive authenticated content.

12,642 Updated today
mukul975