Skip to content

Services, Wiki-Artikel und Blog-Beiträge durchsuchen

↑↓NavigierenEnterÖffnenESCSchließen

Man-in-the-middle attacks: techniques, detection and protection

Man-in-the-middle (MITM) attacks position an attacker between communicating parties—silently, often invisibly. All techniques explained: ARP spoofing, SSL stripping, DNS spoofing, BGP hijacking, AiTM phishing.

Summary: An attack in which an attacker secretly inserts themselves between two communicating parties, intercepts the data traffic, and potentially manipulates it—without the sender or recipient noticing.

Sources & References

  1. [1] NIST - Man-in-the-Middle Attack Definition - NIST
  2. [2] Microsoft Security: AiTM Phishing Attacks - Microsoft Security
  3. [3] ENISA Threat Landscape 2024 - ENISA

Questions about this topic?

Our experts advise you free of charge and without obligation.

Free Consultation

About the Author

Vincent Heinen
Vincent Heinen

Abteilungsleiter Offensive Services

E-Mail
PGP 1DDAA57F2B972787

M.Sc. IT-Sicherheit mit über 5 Jahren Erfahrung in offensiver Sicherheitsanalyse. Leitet die Durchführung von Penetrationstests mit Spezialisierung auf Web-Applikationen, Netzwerk-Infrastruktur, Reverse Engineering und Hardware-Sicherheit. Verantwortlich für mehrere Responsible Disclosures.

Responsible Disclosures: CVE-2023-0865 CVE-2025-43579 CVE-2025-53533
OSCP+ OSCP OSWP OSWA
Vollständiges Profil ansehen
This article was last edited on 03/29/2026. Responsible: Vincent Heinen, Abteilungsleiter Offensive Services at AWARE7 GmbH. License: CC BY 4.0 - free use with attribution: "AWARE7 GmbH, https://a7.de"