Přístupnostní navigace
E-application
Search Search Close
Product detail
LETAVAY, V. PLUSKAL, J. VESELÝ, V. GRÉGR, M.
Product type
software
Abstract
The tool allows to perform Man-in-the-middle attack and inject monitoring JavaScript into the HTTP/S communication. The monitoring script is able to record information about the submitted HTML forms; the contents and location of pasted texts from the clipboard; extract credentials that are stored in the browser when the user visits the domain. The extracted information is sent to the monitoring server, where it is further processed and assigned to individual unique user identifiers. The monitoring server also allows operators to view stored data using a simple web interface. Injecting of a custom JavaScript code into HTTP/S communication is made possible by modification of SSLSplit tool. The implemented tool was designed to demonstrate the above-mentioned security issues and serves to enhance user awareness about network security.
Keywords
web activity monitoring, SSLSplit
Create date
15. 3. 2019
Location
https://github.com/nesfit/sslsplit_keylogger
Possibilities of use
K využití výsledku jiným subjektem je vždy nutné nabytí licence
Licence fee
Poskytovatel licence na výsledek nepožaduje licenční poplatek
www