Tool/service to detect Man in the Middle attacks with Canary Requests
Temporary setup docs: In order to run the service, you must first go into the "service" directory and run "python setup_test_persistence.py" which trains a variety of testing canary requests. If you want to modify the canary requests, modify this file. This will create a persist.json, which stores the configuration for the service.
Then run python main.py (still in the service directory) to start the service.
In another terminal, return to the root directory of the git repo, and run python main.py to start the UI. The UI does not need to be running for the service to work, and alerts are stored, so restarting the UI will bring the alerts back.
This tool was presented at VirusBulletin 2016 in Denver. The slides for that talk are available here: https://www.virusbulletin.com/uploads/pdf/conference_slides/2016/Wallace-vb-2016-detecting-mitm-canary.pdf
MITMCanary vs MITMf: https://www.youtube.com/watch?v=fDbQMk5OMZw
MITMCanary vs Responder: https://www.youtube.com/watch?v=d8oWPesBFUY
MITMCanary vs Zarp + MITMProxy: https://www.youtube.com/watch?v=vEPU3FICqEw