HTTPS Attacks
SSLStrip
https://scotthelme.co.uk/wifi-pineapple-karma-sslstrip/
Tutorial: Sniffing Passwords with SSLStrip on the WiFi Pineapple - Pineapple University
https://www.youtube.com/watch?v=mf5ipnmvDxE
http://reti2.blogspot.it/search?q=pineapple
Questo non richiede il wifi pineapple: https://moxie.org/software/sslstrip/
Per il sw completo e altre discussioni: https://www.owasp.org/images/7/7a/SSL_Spoofing.pdf
Session hijacking https://scotthelme.co.uk/session-hijacking-ssl-doesnt-mean-secure/
Vulnerabilità pressoché ubique che permettono MITM
https://www.us-cert.gov/ncas/alerts/TA17-075A
Login form su HTTP
https://www.troyhunt.com/5-ways-to-implement-https-in (problem 5)
https://www.troyhunt.com/your-login-form-posts-to-https-but-you
https://scotthelme.co.uk/wifi-pineapple-karma-sslstrip/
Tutorial: Sniffing Passwords with SSLStrip on the WiFi Pineapple - Pineapple University
https://www.youtube.com/watch?v=mf5ipnmvDxE
http://reti2.blogspot.it/search?q=pineapple
Questo non richiede il wifi pineapple: https://moxie.org/software/sslstrip/
Per il sw completo e altre discussioni: https://www.owasp.org/images/7/7a/SSL_Spoofing.pdf
Session hijacking https://scotthelme.co.uk/session-hijacking-ssl-doesnt-mean-secure/
Vulnerabilità pressoché ubique che permettono MITM
https://www.us-cert.gov/ncas/alerts/TA17-075A
Login form su HTTP
https://www.troyhunt.com/5-ways-to-implement-https-in (problem 5)
https://www.troyhunt.com/your-login-form-posts-to-https-but-you