[{"data":1,"prerenderedAt":83},["ShallowReactive",2],{"term-m\u002Fman-in-the-middle":3,"related-m\u002Fman-in-the-middle":61},{"id":4,"title":5,"acronym":6,"body":7,"category":40,"description":41,"difficulty":42,"extension":43,"letter":44,"meta":45,"navigation":46,"path":47,"related":48,"seo":54,"sitemap":55,"stem":58,"subcategory":59,"__hash__":60},"terms\u002Fterms\u002Fm\u002Fman-in-the-middle.md","Man-in-the-Middle","MITM",{"type":8,"value":9,"toc":33},"minimark",[10,15,19,23,26,30],[11,12,14],"h2",{"id":13},"eli5-the-vibe-check","ELI5 — The Vibe Check",[16,17,18],"p",{},"A man-in-the-middle attack is when a hacker secretly sits between you and the website you're talking to, reading and possibly changing everything you send and receive. Like if the mail carrier read, edited, and re-sealed all your letters. HTTPS and certificate pinning prevent this because the certificates prove you're talking to the real site.",[11,20,22],{"id":21},"real-talk","Real Talk",[16,24,25],{},"A MITM attack intercepts communications between two parties without their knowledge. Attackers can eavesdrop, modify data in transit, or replay messages. Common attack vectors: rogue WiFi hotspots, ARP spoofing, DNS spoofing. TLS with proper certificate validation is the primary defense.",[11,27,29],{"id":28},"when-youll-hear-this","When You'll Hear This",[16,31,32],{},"\"On public WiFi without HTTPS, MITM attacks are trivial.\" \u002F \"Certificate pinning prevents MITM even with a rogue CA.\"",{"title":34,"searchDepth":35,"depth":35,"links":36},"",2,[37,38,39],{"id":13,"depth":35,"text":14},{"id":21,"depth":35,"text":22},{"id":28,"depth":35,"text":29},"security","A man-in-the-middle attack is when a hacker secretly sits between you and the website you're talking to, reading and possibly changing everything you send...","intermediate","md","m",{},true,"\u002Fterms\u002Fm\u002Fman-in-the-middle",[6,49,50,51,52,53],"TLS","HTTPS","Certificate","Session Hijacking","Encryption",{"title":5,"description":41},{"changefreq":56,"priority":57},"weekly",0.7,"terms\u002Fm\u002Fman-in-the-middle",null,"J4NiG9yDCZWawzH6PQY4c5jgGVqWhLXscaCW0_g2DgU",[62,65,69,74,77,80],{"title":51,"path":63,"acronym":59,"category":40,"difficulty":42,"description":64},"\u002Fterms\u002Fc\u002Fcertificate","A certificate is a digital ID card for a website, signed by a trusted authority.",{"title":53,"path":66,"acronym":59,"category":40,"difficulty":67,"description":68},"\u002Fterms\u002Fe\u002Fencryption","beginner","Encryption is scrambling your message into gibberish so only someone with the secret decoder ring can read it.",{"title":50,"path":70,"acronym":71,"category":72,"difficulty":67,"description":73},"\u002Fterms\u002Fh\u002Fhttps","HyperText Transfer Protocol Secure","networking","HTTPS is HTTP but with a bodyguard. All the data flying between your browser and the website is scrambled so nobody can spy on it.",{"title":6,"path":75,"acronym":6,"category":40,"difficulty":42,"description":76},"\u002Fterms\u002Fm\u002Fmitm","MITM stands for Man-in-the-Middle. An attacker silently sits between your browser and the server, eavesdropping on everything.",{"title":52,"path":78,"acronym":59,"category":40,"difficulty":42,"description":79},"\u002Fterms\u002Fs\u002Fsession-hijacking","Session hijacking is when an attacker steals your session cookie or token and impersonates you.",{"title":49,"path":81,"acronym":49,"category":40,"difficulty":42,"description":82},"\u002Fterms\u002Ft\u002Ftls","TLS (Transport Layer Security) is the updated, actually-secure version of SSL. It's the technology that puts the padlock in your browser's address bar.",1776518294259]