Changelog Version 1.0.1 – Superfish!
+ Subterfuge can now MITM SSL sessions using arbitrary certificates
+ SSLStriping can be selectively enabled or disabled as desired
+ Subterfuge can leverage the Superfish Bug
+ CRITICAL UPDATE: The new version of Django was causing Subterfuge to fail on default installs of Kali Linux. Subterfuge 1.0.1 release with emergency fixes to critical framework files
Enter Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attacks and make it as simple as point and shoot. Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly into their browsing sessions.
Follow the steps below to download and install the latest version of Subterfuge:
git clone https://github.com/Subterfuge-Framework/Subterfuge.git
Execute Subterfuge by running the following command: subterfuge