Important Disclaimer
This project is created strictly for educational and academic purposes as part of a 1st-year Bachelor's in Cybersecurity university project.
It must NEVER be used on any real, public, or unauthorized network. Performing MITM attacks without explicit written permission is illegal in most countries.
This repository contains a simple Python-based ARP spoofing + packet forwarding tool that demonstrates how a Man-in-the-Middle (MITM) attack works on a local network (LAN).
- Performs ARP cache poisoning on the victim and the gateway/router.
- Enables IP forwarding so the victim can still access the internet (no immediate suspicion).
- Allows viewing/sniffing of redirected traffic (e.g., HTTP requests in Wireshark).
- Understand how ARP protocol works and its vulnerabilities.
- Learn the concept of Man-in-the-Middle attacks.
- See why encryption (HTTPS, VPN) is crucial.
- Explore basic network security concepts.
- ARP spoofing (poisoning) of victim and gateway
- Automatic IP packet forwarding
- Graceful restoration of ARP tables on exit (Ctrl+C)
- Simple command-line interface
- Easy to extend for packet sniffing, logging, or HTTPS downgrading demos
- Linux (Kali, Ubuntu, Parrot recommended) or macOS
- Python 3.8+
- Scapy library (
pip install scapy)
# Clone the repository
git clone https://github.com/YOUR_USERNAME/MITM.git
cd MITM
# Install dependencies
pip install scapy