Man In The Middling Everything With The Middler presented at ShmooCon 2009

by Jay Beale (JJB Security Consulting),

Tags: Security Web Browser

Summary : Middler is an open source, plugin-extensible attack tool for man in the middling (AKA middling) TCP applications, particular those using HTTP. We'll demonstrate attacks on a series of web applications, including Gmail, LinkedIn, and LiveJournal. We'll also compromise computers and an iPhone by subverting their software installation and update process. We'll inject Javascript, including the Browser Exploitation Framework (BEeF) into browser sessions and demonstrate CSRF attacks.
Jay Beale has created several defensive security tools, including Bastille UNIX and the CIS Unix Scoring Tool, both of which are used throughout industry and government. He has served as an invited speaker at many industry and government conferences, a columnist for Information Security Magazine, SecurityPortal and SecurityFocus, and a contributor to nine books, including those in his Open Source Security Series and the "Stealing the Network" series. Jay works as a security analyst at InGuardians.