MITM
ELI5 — The Vibe Check
MITM stands for Man-in-the-Middle. An attacker silently sits between your browser and the server, eavesdropping on everything. If the connection isn't encrypted (no HTTPS), they see every byte. If they control the network, they can intercept even HTTPS traffic when certificate validation is bypassed.
Real Talk
MITM attacks are categorized by technique: SSL stripping (downgrading HTTPS to HTTP), SSL interception (with a forged certificate), and BGP hijacking (routing-level). Mobile apps are especially vulnerable if they disable certificate validation. Burp Suite is a common MITM proxy used in penetration testing.
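Disabled certificate validation is easy to catch in review. The sketch below is an added example, not part of the original glossary entry: it walks Python client source with the standard `ast` module and flags the usual ways validation gets switched off. The sample source and the `api.example.test` host are constructed for illustration.

```python
import ast

# Constructed sample: a client that turns validation off in four different ways.
SAMPLE = '''\
import ssl, requests
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
legacy = ssl._create_unverified_context()
requests.get("https://api.example.test/v1/me", verify=False)
requests.get("https://api.example.test/v1/me", timeout=5)
'''

def _is_const(node, value):
    """True if node is a literal that is exactly `value` (False, not 0)."""
    return isinstance(node, ast.Constant) and node.value is value

def _attr_name(node):
    """Last name component of `a.b.c` or `c`; None for anything else."""
    return node.attr if isinstance(node, ast.Attribute) else getattr(node, "id", None)

def find_disabled_validation(source):
    """Return sorted (line, reason) pairs for code that turns TLS validation off."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Assign):
            for target in node.targets:
                name = _attr_name(target)
                if name == "check_hostname" and _is_const(node.value, False):
                    findings.append((node.lineno, "hostname check disabled"))
                if name == "verify_mode" and _attr_name(node.value) == "CERT_NONE":
                    findings.append((node.lineno, "chain verification disabled"))
        elif isinstance(node, ast.Call):
            if _attr_name(node.func) == "_create_unverified_context":
                findings.append((node.lineno, "unverified SSL context"))
            for kw in node.keywords:
                if kw.arg == "verify" and _is_const(kw.value, False):
                    findings.append((node.lineno, "verify=False passed to HTTP client"))
    return sorted(findings)

if __name__ == "__main__":
    for line, reason in find_disabled_validation(SAMPLE):
        print(f"line {line}: {reason}")
```

A check like this fits in CI or a pre-commit hook; the same idea applies to mobile code bases, where the equivalent patterns are trust-all trust managers and permissive hostname verifiers.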
When You'll Hear This
"Burp Suite acts as a MITM proxy during security testing." / "The mobile app was vulnerable to MITM due to disabled certificate validation."
Related Terms
Certificate
A certificate is a digital ID card for a website, signed by a trusted authority.
HTTPS (HyperText Transfer Protocol Secure)
HTTPS is HTTP but with a bodyguard. All the data flying between your browser and the website is scrambled so nobody can spy on it.
Man-in-the-Middle (MITM)
A man-in-the-middle attack is when a hacker secretly sits between you and the website you're talking to, reading and possibly changing everything you send...
Penetration Testing
Penetration testing (pentesting) is hiring ethical hackers to try to break into your own systems before the real bad guys do.
TLS (Transport Layer Security)
TLS (Transport Layer Security) is the updated, actually-secure version of SSL. It's the technology that puts the padlock in your browser's address bar.