I've added simple, extensible functionality to tamper with server responses before they are sent to client. It's optional, you can have your own classes implementing the tapering and configure them separately with a config file and command line parameter.
I've added simple, extensible functionality to tamper with server responses before they are sent to client. It's optional, you can have your own classes implementing the tapering and configure them separately with a config file and command line parameter.
Based on my squid-imposter project at http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html I've also included an exemplary attack that uses response tampering.
I don't know if that's in-scope of sslstrip, but I'm using it anyway, so why not sharing ;)