Introduction

Welcome to the Learning’s Man in the Middle course. By the completion of this course, you will learn about some of the attacks you can launch against devices connected on your network.

You will be able to captiure any type of data that is sent within your network, whether it is passwords, urls, videos, images, messages anything that any device does on the Internet within the network you are in, you will be able to capture it.

You will also be able to modify the data, before the answer reaches the target device. For example, let’s suppose that one of the devices connected in your network searched for Facebook, you can redirect the returned site to a “Fake Facebook”.

All of these attacks are possible because of a weakness in the ARP protocol. When this protocol was programmed, it was made in a way that it has a vulnerability which allowed a person to perform these attacks without interacting with them. So, we’d be able to send any key loggers or trojan horses to these devices and be able to steal all their passwords, cookies, URLs, basically whatever they do on the internet without directly interacting with the users. We’ll be interacting with the devices, but the users won’t be aware of that interaction.

All of these attacks work on any device, as long as they are connected to a network. So you will be able to run them in phones, tablets, computers (independently on their operating system) because all of these devices use the ARP protocol which has this weakness.