    HITH Blog – Hackerinthehouse
    Adversary in the Middle Attack Explained

    By TheToySec | November 16, 2022 | Updated: November 20, 2022

    Hey guys, this is TheToySec back again with another post. In this post we will talk about Adversary in the Middle attacks and some of the detection techniques to mitigate this type of attack.

     

    What is an Adversary in the Middle Attack?

    An Adversary in the Middle attack, also known as an AITM attack, is a phishing technique that permits attackers to hijack a user’s sign-in session and intercept the user’s credentials and session cookie, so they get authenticated to a session on the user’s behalf. Once the attackers have successfully captured the user’s credentials and session cookies, they move to the subsequent part of the attack, accessing compromised users’ mailboxes to launch Business Email Compromise campaigns against other targets.

     

    MITRE ATT&CK Technique T1557: Adversaries may attempt to position themselves between two or more networked devices using an adversary in the middle technique to support follow-on behaviors like Network Sniffing or Transmitted Data Manipulation. By abusing features of common networking protocols that can determine the flow of network traffic, adversaries may force a device to communicate through an adversary controlled system so that they can collect information or perform further actions.

     

    How does it happen?

    Adversary in the Middle attacks leverage Man in the Middle frameworks like Evilginx2, Muraena or Modlishka to deploy a proxy server between the user and the targeted website, so the recipients of a phishing email are redirected to lookalike landing pages designed to capture credentials and MFA info. As explained by Microsoft Security, the phishing page has 2 different Transport Layer Security (TLS) sessions: one with the target and another with the actual website the target wants to access. The phishing page then functions as an AITM agent, intercepting the entire authentication process and extracting valuable data from the HTTP requests, like passwords and, more importantly, session cookies. Once in possession of this info, the attackers inject the cookies into their own browsers to skip the authentication process, regardless of whether the victim had enabled MFA protection.
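On the detection side, the cookie replay described above shows up as one session being presented by two different clients. The sketch below is an added example, not code from the original post: it scans a constructed session log (the pipe-delimited layout, field names and action names are assumptions) and flags sessions whose cookie later appears from a new IP address, rating the hit higher when the user agent changes too.

```python
from collections import namedtuple
from datetime import datetime

Event = namedtuple("Event", "time user session ip agent action")

# Constructed sample session log (hypothetical layout, documentation IP ranges).
SAMPLE_LOG = """\
2022-11-16T09:00:05|alice|sess-A1|198.51.100.7|Chrome/107 Windows|signin_mfa_ok
2022-11-16T09:00:40|alice|sess-A1|198.51.100.7|Chrome/107 Windows|mail_read
2022-11-16T09:12:10|alice|sess-A1|203.0.113.66|Firefox/106 Linux|mail_search
2022-11-16T09:13:02|alice|sess-A1|203.0.113.66|Firefox/106 Linux|inbox_rule_create
2022-11-16T10:00:00|bob|sess-B7|192.0.2.21|Safari/16 macOS|signin_mfa_ok
2022-11-16T10:30:00|bob|sess-B7|192.0.2.21|Safari/16 macOS|mail_read
2022-11-16T11:00:00|carol|sess-C3|192.0.2.50|Edge/107 Windows|signin_mfa_ok
2022-11-16T11:20:00|carol|sess-C3|192.0.2.99|Edge/107 Windows|mail_read
"""

def parse_log(text):
    """Turn pipe-delimited lines into Event tuples, sorted by time."""
    events = []
    for line in text.strip().splitlines():
        ts, user, session, ip, agent, action = line.split("|")
        events.append(Event(datetime.fromisoformat(ts), user, session, ip, agent, action))
    return sorted(events, key=lambda e: e.time)

def find_cookie_replay(events):
    """Flag sessions whose cookie is later presented by a different client.

    The first event of a session fixes its origin (IP, user agent). The first
    later event from a new IP is reported: "high" if the user agent changed
    as well, "low" if only the IP changed (for example a roaming client).
    """
    origin, findings = {}, {}
    for e in events:
        first = origin.setdefault(e.session, e)
        if e.ip == first.ip or e.session in findings:
            continue
        findings[e.session] = {
            "user": e.user,
            "severity": "high" if e.agent != first.agent else "low",
            "origin_ip": first.ip, "new_ip": e.ip, "first_action": e.action,
            "seconds_after_signin": int((e.time - first.time).total_seconds()),
        }
    return findings

if __name__ == "__main__":
    for session, hit in find_cookie_replay(parse_log(SAMPLE_LOG)).items():
        print(session, hit)
```

Because the AITM proxy performs the sign-in, the origin recorded for a phished session is the proxy itself; the finding fires when the stolen cookie is then used from the attacker's own browser.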

     

    Prevention Tips for AITM Attacks

    Once a user lands on the attacker’s phishing page, it’s too late for any security layer to protect against the credential harvester. And, just as attackers are developing ways to subvert MFA protection, eventually they’ll possibly find some way around FIDO v2.0. Instead of focusing on an authentication technique, Phishblocklist delivers comprehensive protection against AITM by blocking users from accessing the phishing page, for maximum protection against the credential harvester TTPs that cause ransomware, breaches, and other cyber attacks. Phishblocklist, one of the zveloCTI™ Cyber Threat Intelligence feeds, has proven market-leading detection coverage and speed for active phishing threats from the global Activeweb traffic stream across web surfing, email, SMS and other applications. Additionally enhanced with zvelo’s predictive phishing detection, Phishblocklist delivers valid active phishing threats that are enriched with extra metadata attributes like date detected, targeted brand, phishing campaign identification and much more.

     

    If you really like this post, then give your reaction and don’t forget to share it with others. Till then, we will meet again with another interesting topic.

     

    Thank you for reading this and have a nice stay there! 
