Cyber Security

How Hacker Attack your solution: MIIM

1. Man-in-the-Middle (MITM) Attack

• Hacker intercepts traffic between you and the server.

• Common on public Wi-Fi.

• Can read unencrypted data (non-HTTPS).

• Tools: Wireshark, mitmproxy, Ettercap

• Resolutions:  JWT token/Encryption/Obfuscation
  
  

2. Packet Sniffing

• Monitors local network traffic (LAN/Wi-Fi).

• Can capture data if not encrypted.

• Tools: tcpdump, Wireshark.

• Resolutions:  JWT token/Encryption/Obfuscation

3. Malware on the Device

• Malware logs traffic or data before it's encrypted.

• Can steal session tokens, passwords, or cookies.

• Resolution: OS upgrade patches/AntiVirus/Limit access/Block USB/Training awareness
  
  

4. SSL Stripping

• Downgrades HTTPS to HTTP.

• Hacker sees data in cleartext.

• Tool: sslstrip.

• Resolution: Disable HTTP, use HSTS, Enable TLS 1.2

5. DNS Spoofing / ARP Poisoning

• Redirects your traffic to a fake server.

• Can capture login credentials or sensitive data.
  
  

6. Malicious Browser Extensions or Keyloggers

• Some extensions or spyware log traffic or user input.
  
  

✅ Protection Tips:

• Always use HTTPS (look for 🔒).

• Use VPN on public networks.

• Enable HSTS, CSP headers on websites.

• Keep antivirus and system updated.

• Enable HSTS (HTTP Strict Transport Security) at all layers: Strict-Transport-Security

• Enable TLS 1.2 or higher, in order to secure connection

• Enable WAF services(Web application firewall) that to prevent overengineering the solution by security aspects, as it applies machine learning mechanisms for anomaly detection, and OWASP best practices.