This repository has been archived by the owner on Dec 6, 2023. It is now read-only.
Provide example vulnerable Android app #21
Assignees
Labels
Comments
klyubin
pushed a commit
that referenced
this issue
Nov 16, 2014
This adds an Android application which offers an easy way to generate vulnerable traffic which should be detected by the MiTM. This should be useful for quickly testing the various attack/detection functionality of the nogotofail MiTM. This commit adds a small number of tests to cover the most typical vulnerable traffic: HTTPS requests where the identity of the server is not fully verified, and cleartext HTTP requests with an Authorizaton header which thus leaks authentication credentials. More tests will be added later. Fixes #21
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
It would be nice to provide an example app that is known to be vulnerable to a few of the things we detect so that people can easily see how the Android setup works and to verify their testing setup is working correctly.
The text was updated successfully, but these errors were encountered: