Decrypting the network traffic
As we saw in the previous section, we can intercept traffic using a man in the middle attack. However, this attack is rarely useful on its own since all the browser traffic nowadays is encrypted, so even if you were able to intercept traffic, you won't be able to do much. You can bypass this procedure by using SSL stripping. Intercepting traffic without encryption is also sometimes useful when you want to monitor a user's activity. This can help you figure out which websites a user is visiting the most. Using this information alongside social engineering attacks can help you compromise the victim's machine.
HTTPS versus HTTP
To understand how SSL stripping works, we need to understand how the hypertext transfer protocol (HTTP) and HTTPS protocols work. HTTPS is a secure version of HTTP, as indicated by the S at the end of its name. It was developed in the early days of the internet, when information was sent in the form of human...