Subterfuge
For the concept of subterfuge, see Deception and Military deception. For the 1968 British film, see Subterfuge (film).
 | |
| Original author(s) | r00t0v3rr1d3 (Chris Shields), 0sm0s1z (Matthew Toussain) |
|---|---|
| Initial release | July 23, 2012 |
| Stable release | 5.0.8 / March 22, 2013 |
| Development status | Active |
| Written in | Python |
| Operating system | Linux |
| Available in | English |
| Type | Computer security |
| License | GNU General Public License |
| Website | http://www.kinozoa.com (defunct) |
Subterfuge is a free and open source network security framework to demonstrate man-in-the-middle attacks and make it as simple as point and shoot.[1] Subterfuge demonstrates vulnerabilities in the Address Resolution Protocol by harvesting credentials that go across the LAN, and even exploiting machines through client-side browser injection. It is capable of running on all distributions of Linux, but developer support is limited to Kali Linux. It is capable of leveraging multiple man-in-the-middle attacks against target networks.
Features
Subterfuge Features include:
- ARP Cache Poisoning
- Credential Harvester
- Http Code Injection
- Wireless AP Generation
- WPAD Hijacking
- Rogue DHCP
Graphical interface
Subterfuge is known for its extremely modern web-based interface. The interface includes alternate perspectives for man-in-the-middle attacks through its unique network view. Subterfuge and its GUI’s purpose are primarily to demonstrate the dangers of man-in-the-middle attacks through their ease of employment with the framework itself.
References
- ↑ "Subterfuge (Man-in-the-Middle Attack Framework)". Raj Chandler. 12 December 2012. Retrieved 18 November 2013.