Attack Techniques | High
Man-in-the-Middle Attack (MITM)
An attack where an adversary secretly intercepts and alters communication between two parties
What is a MITM Attack?
A Man-in-the-Middle (MITM) Attack occurs when a third party secretly relays or alters communication between two systems without either party knowing.
Common MITM Techniques
- ARP Spoofing
- DNS Spoofing
- SSL Stripping
- Session Hijacking
Best Practices
- Always use HTTPS
- Educate users not to connect to unknown Wi-Fi
- Use VPNs when traveling or on public networks
- Monitor for DNS or ARP poisoning attempts
Quick Facts
- Severity Level: 8/10
- Attack Vector: Public Wi-Fi, DNS hijack, ARP spoofing
- Defense: HTTPS, VPNs, certificate pinning
- Example: Interception of login credentials on public Wi-Fi
- Detection: Look for invalid certificates or odd redirects