How to Intercept HTTPS Traffic: Man-in-the-Middle (MITM) Attack Tutorial | ARP Spoofing & mitmproxy
In this ethical hacking tutorial, we explain and demonstrate how a Man-in-the-Middle (MITM) attack works by intercepting both unencrypted HTTP and encrypted HTTPS network traffic. This video demonstrates how HTTPS traffic can be intercepted through ARP poisoning in a MITM attack.

Normally, HTTPS network packets are encrypted with a session key shared between the client and the web server. An attacker cannot decrypt the HTTPS traffic without the session key. However, if the attacker can redirect the victim's HTTPS traffic to a host they control (e.g., by DNS hijacking or ARP poisoning in a LAN), they can supply their own session key to the victim host, decrypt the HTTPS traffic, and relay it between the victim host and the genuine web server. This video shows that it is possible to sniff a user's password even in HTTPS traffic.

Watch step-by-step as we use Kali Linux tools to intercept network communications between a victim and a web server, demonstrating how attackers can capture sensitive information like usernames and passwords.

What you will learn in this video:
• The core concept of how MITM attacks route traffic.
• How to sniff unencrypted HTTP passwords using tcpdump.
• Why standard packet sniffing fails against HTTPS encryption.
• How to perform ARP Spoofing (ARP Poisoning) using arpspoof to hijack a local network connection.
• How to use mitmproxy and fake SSL certificates to decrypt, intercept, and capture HTTPS login credentials in plain text.

⏱️ Video Chapters (Key Moments):
0:00 - Introduction: What is a Man-in-the-Middle (MITM) Attack?
0:50 - Testing an unencrypted HTTP login
1:25 - Capturing HTTP plain-text passwords with tcpdump
2:12 - Why standard packet sniffing fails on HTTPS (Encrypted Traffic)
3:33 - Setting up the MITM Attack: ARP Spoofing with arpspoof
5:45 - Breaking HTTPS: Setting up mitmproxy and fake SSL certificates
6:25 - Successfully intercepting and decrypting HTTPS login credentials
8:40 - Verifying the hijacked MAC addresses in the ARP table
9:15 - Stopping the attack and restoring normal network traffic

⚠️ DISCLAIMER: This video is for educational purposes only. The techniques demonstrated are intended for ethical hackers, penetration testers, and network administrators to understand vulnerabilities and secure their networks. Never perform these attacks on networks or systems you do not own or do not have explicit written permission to test.

Tools Used:
• Kali Linux
• tcpdump
• arpspoof (dsniff suite)
• mitmproxy

The video below shows how to analyze the network packets of the MITM attack: https://youtu.be/mpGF8-iyuhw

The pcap file of its network packets is available at https://github.com/alanshlam/HoneyNet/blob/main/pcap/mitm.pcap

You can get more info from my project at https://github.com/alanshlam/Pentest

#CyberSecurity #EthicalHacking #MITMAttack #NetworkSecurity #KaliLinux #PenetrationTesting #InfoSec #mitmproxy #HTTPS
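The ARP table check mentioned in the chapter list can be automated on the defender's side. The following is an added example, not code from the video or the author's project: it parses `ip neigh` or `arp -an` output and flags a MAC address that answers for several IPv4 addresses, which is the trace ARP poisoning leaves on a victim host. The sample table, the addresses and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample mixing `ip neigh` and `arp -an` lines (not taken from the video's pcap).
SAMPLE = """\
192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.66 dev eth0 lladdr 08:00:27:aa:bb:cc STALE
192.168.1.20 dev eth0 lladdr 52:54:00:12:34:56 REACHABLE
192.168.1.30 dev eth0  FAILED
? (192.168.1.40) at 52:54:00:0A:0B:0C [ether] on eth0
? (192.168.1.50) at <incomplete> on eth0
"""

IP_RE = re.compile(r"\(?(\d{1,3}(?:\.\d{1,3}){3})\)?")
MAC_RE = re.compile(r"\b([0-9a-fA-F]{2}(?::[0-9a-fA-F]{2}){5})\b")

def parse_neighbors(text):
    """Return {ipv4: mac}; lines without a resolved MAC (FAILED, <incomplete>) are skipped."""
    table = {}
    for line in text.splitlines():
        ip, mac = IP_RE.search(line), MAC_RE.search(line)
        if ip and mac:
            table[ip.group(1)] = mac.group(1).lower()
    return table

def find_arp_anomalies(table, gateway_ip, known_gateway_mac=None):
    """Flag MACs claimed by several IPs, and a gateway MAC that differs from a recorded baseline."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    findings = []
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            # A duplicate that includes the gateway is the classic poisoning pattern.
            sev = "high" if gateway_ip in ips else "medium"
            findings.append((sev, f"{mac} answers for {', '.join(sorted(ips))}"))
    gw_mac = table.get(gateway_ip)
    if known_gateway_mac and gw_mac and gw_mac != known_gateway_mac.lower():
        findings.append(("high", f"gateway {gateway_ip} is {gw_mac}, expected {known_gateway_mac.lower()}"))
    return findings

if __name__ == "__main__":
    for sev, msg in find_arp_anomalies(parse_neighbors(SAMPLE), "192.168.1.1", "08:00:27:11:22:33"):
        print(f"[{sev}] {msg}")
```

A shared MAC is not always hostile (routers with several addresses or proxy ARP produce it too), so the baseline comparison for the gateway is the stronger signal.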