Skip to content
/ Detect-SSLmitm Public
forked from clr2of8/Detect-SSLmitm

This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.

0 stars 11 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ca-leet/Detect-SSLmitm

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
README.md
README.md
 
 
ssl_mitm.ps1
ssl_mitm.ps1
 
 

Repository files navigation

ssl_mitm

A PowerShell-based tool for detecting potential SSL/TLS man-in-the-middle (MITM) attacks by monitoring certificate changes across various websites.

All credit to https://github.com/clr2of8/Detect-SSLmitm as this is a fork of that repo

Usage

  1. Download the ssl_mitm.ps1 script to your local machine and remote machine
  2. Set the appropriate PowerShell execution policy: Set-ExecutionPolicy RemoteSigned -Scope CurrentUser
  3. Dot source the script and initialize golden hashes:
> . .\ssl_mitm.ps1
> Update-GoldenHashes -UpdateScript

Run on both machines:

> Test-SSLMitm

The Output looks like this (compare output from local vs remote):

image

About

This PowerShell script will determine if your connection to external servers over HTTPS is being decrypted by an intercepting proxy such as the internet proxies commonly found in corporate environments. It does this by comparing the SSL intermediate certificate being used for your connection to the true/known SSL certificate for the server.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • PowerShell 100.0%