Přístupnostní navigace
E-přihláška
Vyhledávání Vyhledat Zavřít
Detail produktu
LETAVAY, V. PLUSKAL, J. VESELÝ, V. GRÉGR, M.
Typ produktu
software
Abstrakt
The tool allows to perform Man-in-the-middle attack and inject monitoring JavaScript into the HTTP/S communication. The monitoring script is able to record information about the submitted HTML forms; the contents and location of pasted texts from the clipboard; extract credentials that are stored in the browser when the user visits the domain. The extracted information is sent to the monitoring server, where it is further processed and assigned to individual unique user identifiers. The monitoring server also allows operators to view stored data using a simple web interface. Injecting of a custom JavaScript code into HTTP/S communication is made possible by modification of SSLSplit tool. The implemented tool was designed to demonstrate the above-mentioned security issues and serves to enhance user awareness about network security.
Klíčová slova
web activity monitoring, SSLSplit
Datum vzniku
15. 3. 2019
Umístění
https://github.com/nesfit/sslsplit_keylogger
Možnosti využití
K využití výsledku jiným subjektem je vždy nutné nabytí licence
Licenční poplatek
Poskytovatel licence na výsledek nepožaduje licenční poplatek
www