Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
BSD 3-Clause "New" or "Revised" License
10.23k
stars
1.87k
forks
source link
Added ability to edit headers of intercepted HTTP requests #1006
This commit introduces the capability to alter HTTP headers of intercepted requests. Users can now specify custom headers to be added or modified in responses. This feature allows for dynamic adjustments such as redirects via the Location header, manipulation of Set-Cookie for session testing, and setting CORS policies directly within intercepted responses etc.
This commit introduces the capability to alter HTTP headers of intercepted requests. Users can now specify custom headers to be added or modified in responses. This feature allows for dynamic adjustments such as redirects via the Location header, manipulation of Set-Cookie for session testing, and setting CORS policies directly within intercepted responses etc.
Example YAML configuration snippet: