The Middler – User Session Cloning & MITM Tool

Find your website's Achilles' Heel

The Middler is a Man in the Middle tool to demonstrate protocol middling attacks. Led by Jay Beale, the project involves a team of authors including InGuardians agents Justin Searle and Matt Carpenter. The Middler is intended to man in the middle, or “middle” for short, every protocol for which we can create code.

In our first alpha release, we released a core built by Matt and Jay, with introductory plug-ins by Justin and InGuardians agent Tom Liston. It runs on Linux and Mac OS X, with most of the code functional on Windows and BSD Unix.

The current codebase is in the alpha state, but a beta release is coming soon, with better documentation (see the wiki), easier installation, and even more plug-ins.


  • – inject the Browser Exploitation Framework (BeEF) into any HTTP requests originating on the local LAN
  • – inject an IFRAME into cleartext (HTTP) requests that loads Metasploit browser exploits
  • – inject a JavaScript? onKeyPress event handler to cleartext forms that get submitted via HTTPS, forcing the browser to send the password character-by-character to the attacker’s server, before the form is submitted.

The author team has done a tremendous amount of research, design and pseudo-code work, fleshing out attacks on web-based e-mail systems and social networking sites.


The Middler depends on the following Python modules:

  • scapy
  • libpcap
  • readline
  • libdnet
  • beautifulsoup

You can download The Middler here:


Or read more here.

Posted in: Hacking Tools, Network Hacking, Privacy

, , , , , , , , , ,

Recent in Hacking Tools:
- Zenmap – Official Cross-Platform Nmap GUI
- nishang – PowerShell For Penetration Testing
- DyMerge – Bruteforce Dictionary Merging Tool

Related Posts:

Most Read in Hacking Tools:
- Top 15 Security/Hacking Tools & Utilities - 1,995,484 views
- Brutus Password Cracker – Download AET2 - 1,490,728 views
- wwwhack 1.9 – Download Web Hacking Tool - 688,926 views

Comments are closed.