Better Mobile Security Inc.
Better Mobile Security Inc.
BETTER Mobile Threat Defense
Get Started
Setup an account
Setup mobile agent
Setup Integrations
Manage users, devices and roles
FAQs
Features
App threat management
Device threat management
Network threat management
Integrations
Azure Sentinel
Microsoft Defender ATP
Microsoft Intune
ServiceNow
Splunk
Workspace ONE UEM (Airwatch)
Workspace ONE Intelligence
Syslog
Policies
What are Policies?
App threat policy
Device threat policy
Network threat policy
Incidents
Overview
App incidents
Device incidents
Network incidents
How to
Blacklist apps
Block phishing sites
Configure policies
Initiate a threat scan
Send support logs
How to trigger incidents
Overview
App incidents
Device incidents
Network incidents
Man-in-the-Middle incident
Wi-Fi pineapple incident
Rogue Wi-Fi incident
Port scanning incident
Unsecured network incident
Blacklisted network incident
Phishing site incident
SSL stripping incident
Captive portal incident
Content tamper incident
Powered by GitBook

SSL stripping incident

Requirement

Download and install MITM proxy​

How to trigger incident

Step 1: Run the mitmdump on the testing PC

Step 2: Insert the IP address and the port number on the test device

Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.

Wait for the test device to appear on the PC.

Step 3: Run the scripts

Step 4: Search on your device

Open a browser on the test device and search the SLL Stripping demo site.

The 'https' links have been stripped down to 'http'.

How to remediate the incident

Disable the proxy

Follow the steps below to disable the proxy on the test device.

Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'

Previous
Phishing site incident
Next
Captive portal incident
Last updated 3 months ago
Contents
Requirement
How to trigger incident
Step 1: Run the mitmdump on the testing PC
Step 2: Insert the IP address and the port number on the test device
Step 3: Run the scripts
Step 4: Search on your device
How to remediate the incident
Disable the proxy