Security Intermediate

What is Man-in-the-Middle Attack?

An attack where the attacker secretly intercepts and potentially alters communication between two parties who believe they are communicating directly.

MITM attackers position themselves between client and server, intercepting all traffic. On unencrypted networks, they can read passwords, session tokens, and sensitive data. Advanced attacks can intercept HTTPS by presenting fake certificates.

Prevention includes HTTPS everywhere, certificate pinning, HSTS (HTTP Strict Transport Security), secure WiFi (WPA3), VPNs on public networks, and validating certificate chains. Public WiFi is particularly vulnerable to MITM attacks.

Learn More About This Topic

Ethical Hacking & Penetration Testing

Related reading

Network Security Fundamentals

Related reading

SOC Analyst Fundamentals

Related reading

Related Terms

PKI (Public Key Infrastructure)

A framework of policies, hardware, and software for creating, managing, distributing, and revoking digital certificates.

Security Headers

HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.

A social engineering attack that uses fraudulent communications to trick people into revealing sensitive information or installing malware.

WAF (Web Application Firewall)

A security solution that filters and monitors HTTP traffic between a web application and the internet, blocking common attacks.

A security model that requires strict identity verification for every user and device, regardless of their network location.

CORS (Cross-Origin Resource Sharing)

A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.

View All Security Terms →