Better Mobile Security Inc.
Better Mobile Security Inc.
BETTER Mobile Threat Defense
Get Started
Setup an account
Setup mobile agent
Setup Integrations
Manage users, devices and roles
FAQs
Features
App threat management
Device threat management
Network threat management
Integrations
Azure Sentinel
Microsoft Defender ATP
Microsoft Intune
ServiceNow
Splunk
Workspace ONE UEM (Airwatch)
Workspace ONE Intelligence
Syslog
Policies
What are Policies?
App threat policy
Device threat policy
Network threat policy
Incidents
Overview
App incidents
Device incidents
Network incidents
How to
Blacklist apps
Block phishing sites
Configure policies
Initiate a threat scan
Send support logs
How to trigger incidents
Overview
App incidents
Device incidents
Network incidents
Man-in-the-Middle incident
Wi-Fi pineapple incident
Rogue Wi-Fi incident
Port scanning incident
Unsecured network incident
Blacklisted network incident
Phishing site incident
SSL stripping incident
Captive portal incident
Content tamper incident
Powered by GitBook

Man-in-the-Middle incident

Requirement

  • Download and install MITM proxy​

  • Download the certificate from MITM​

How to trigger incident

Step 1: Run the mitmdump on the testing PC

  1. Download and install MITM proxy​

  2. Run mitmdump and the testing pc

Step 2: Insert the IP address and the port number on the test device

Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.

Wait for the test device to appear on the PC.

Step 3: Trust SSL certificate

  1. Go to the MITM website and click on the certificate for your device

  2. Install on your device and give a name to the certificate

By installing the certificate from the MITM website you trust the SSL certificate on your device.

Step 4: Search on your device

Open a browser on the test device and search for any website.

How to remediate the incident

Option 1: Disable the proxy

Follow the steps below to disable the proxy on the test device.

Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'

Option 2: Uninstall the certificate

Follow the steps below to uninstall the certificate on the test device.

Go to settings>Security>User certificate>Select the certificate you installed and uninstall it.

​

How to trigger incidents - Previous
Network incidents
Next
Wi-Fi pineapple incident
Last updated 3 months ago
Contents
Requirement
How to trigger incident
Step 1: Run the mitmdump on the testing PC
Step 2: Insert the IP address and the port number on the test device
Step 3: Trust SSL certificate
Step 4: Search on your device
How to remediate the incident
Option 1: Disable the proxy
Option 2: Uninstall the certificate