Red-Team-Infrastructure-Wiki VS sslstrip

I found this as a useful starting point: https://github.com/bluscreenofjeff/Red-Team-Infrastructure-Wiki

We have done it by connecting a Huawei LTE-Stick to a Raspberry Pi with Kali Linux. It automatically sets up a VPN connection to a control server in AWS where we have red teaming infrastructure set up. When we then connect the rpi into the network we can do some SSH port forwarding and connect to the rpi, which is now a network implant where we can do basically anything from. This sometimes requires finding Active Directory credentials around the office or through a phishing campaign (really easy with the access to the local network) or something, in order to get a foothold onto the AD infrastructure.

Another option might be to try something like sslstrip to strip off the TLS layer so you can point your tools at the stripped-off/non-TLS endpoint. Probably non-trivial to get this old code working on any system though, let alone a Jetson: https://github.com/moxie0/sslstrip

sslstrip - Demonstration of the HTTPS stripping attacks.

Yeah. And for anyone unaware, this technique, SSL stripping, was made well-known (and arguably pioneered?) by Moxie Marlinspike of Signal with his tool sslstrip back in 2011: https://github.com/moxie0/sslstrip. I believe that's what he was most famous for before Signal.

Once the connection has been intercepted, the attacker can use a tool such as sslstrip to disable all HTTPS redirects and change https:// links to unencrypted http://.

E' possibile, per quanto molto meno facile. https://github.com/moxie0/sslstrip per esempio. Ci sono anche altre tecniche che si basano sulla manipolazione delle richieste di DNS e cose simili. Sicuramente molto piu' facile da notare e ordini di grandezza piu' complesso di HTTP, che è assolutamente triviale.