DrMITM : A Program Designed To Globally Log All Traffic Of A Website

DrMITM is a program designed to globally log all traffic. It sends a request to website and returns the IP of the website just in case the server of the website is designed to rely on the website IP for requests.

The request that goes to the website also ends up being sent to the server which it will log the message that the website sends, it will then return the same message and send it directly to the server, where the server may see it as the website but it will also direct our request to the website once the program changes IP’s.

Once it sends our request to the website, the program will then pause our traffic, and wait for incoming traffic, when a new user tries to login or whatever and the website sends a request to the server, DrMITM will receive it, and the way it gets the data back to us is by sending the same data to a file.

Also Read – ThreatHunting : A Splunk App Mapped To MITRE ATT&CK

How To Get Started?

  • For Nim version: Install 19.0 Nim(using choosenim or git clone) Git clone the repo cd into the directory Run nim DrMITM.nim
  • For Python version: Install Python git clone the repo cd into the directory Run python DrMITM.py

ᴄᴏᴍᴍᴀɴᴅs

  • e(live logging)
  • b(traffic blocking)
  • r(redirect users)

Upcoming Features

-ᴘʀᴇᴠᴇɴᴛɪɴɢ ᴄʟɪᴇɴᴛ ᴛʀᴀғғɪᴄ ғʀᴏᴍ ʀᴇᴀᴄʜɪɴɢ ᴛʜᴇ sᴇʀᴠᴇʀ.–(ɴᴏᴡ ᴀᴠᴀɪʟᴀʙʟᴇ)
–ʀᴇᴅɪʀᴇᴄᴛɪɴɢ ᴛʀᴀғғɪᴄ–(ɴᴏᴡ ᴀᴠᴀɪʟᴀʙʟᴇ)

ᴛʜᴇᴏʀᴇᴛɪᴄᴀʟ ᴄᴏɴ

ᴛʜᴇʀᴇ ᴍᴀʏ ʙᴇ ᴀ ᴘᴏssɪʙɪʟɪᴛʏ ᴛʜᴀᴛ ᴅʀᴍɪᴛᴍ ᴡɪʟʟ ғᴀɪʟ ᴀᴛ sɴɪғғɪɴɢ ᴛʀᴀғғɪᴄ ᴏғ ᴡᴇʙsɪᴛᴇs ᴛʜᴀᴛ ᴄᴏᴍᴍᴜɴɪᴄᴀᴛᴇ ᴛʜʀᴏᴜɢʜ ᴍᴜʟᴛɪᴘʟᴇ sᴇʀᴠᴇʀs ʙᴇᴄᴀᴜsᴇ ᴏғ ᴄᴏɴғɪɢᴜʀᴀᴛɪᴏɴ ʀᴇᴀsᴏɴs ᴏʀ ᴘᴏssɪʙʟʏ ᴀ ᴄʜᴀɴɢᴇ ᴏғ ᴇɴᴄʀʏᴘᴛɪᴏɴ ᴏʀ ʀᴇǫᴜɪʀᴇᴍᴇɴᴛs ᴏғ ɴᴇᴇᴅɪɴɢ ᴛᴏ ᴛʀɪᴄᴋ ᴛʜᴇ sᴇʀᴠᴇʀ. ᴀɴᴅ ɪ sᴀʏ “ᴛʜᴇʀᴇ ᴍᴀʏ” ʙᴇᴄᴀᴜsᴇ ɪᴛ ʜᴀsɴ’ᴛ ʙᴇᴇɴ ᴛᴇsᴛᴇᴅ ʏᴇᴛ.

Issue Reporting

If you have an issue please submit it with the following details given:

your issue
Your Nim Or Python version
Operating system

The process of what you were doing before the issue occurred

Q&A:

Q:How does live logging works?
A:it just sends the logged data to a file and outputs it on screen.
Q: How does the traffic block work? A: a unicode gets sent to the website from server and overflows the traffic towards incoming traffic.
Q:How does the redirectio. feature works?
A: it sends a fake error message + redirection status code from the server with a modified location.

Download
R K

Share
Published by
R K
Tags: DrMITM
7 years ago

Recent Posts

How EDR Killers Bypass Security Tools

Endpoint Detection and Response (EDR) solutions have become a cornerstone of modern cybersecurity, designed to…

3 minutes ago

AI-Generated Malware Campaign Scales Threats Through Vibe Coding Techniques

A large-scale malware campaign leveraging AI-assisted development techniques has been uncovered, revealing how attackers are…

22 minutes ago

How Does a Firewall Work Step by Step

How Does a Firewall Work Step by Step? What Is a Firewall and How Does…

5 hours ago

Fake VPN Download Trap Can Steal Your Work Login in Minutes

People trying to securely connect to work are being tricked into doing the exact opposite.…

1 day ago

This Android Bug Can Crack Your Lock Screen in 60 Seconds

A newly disclosed Android vulnerability is making noise for a good reason. Researchers showed that…

5 days ago

How to Fix MyISAM Table Corruption in MySQL?

In MySQL Server 5.5 and earlier versions, the MyISAM was the default storage engine. So,…

6 days ago