DeepSec 2019 Talk: Lauschgerät — Gets in the Way of Your Victim’s Traffic and Out of Yours — Adrian Vollmer *

The talk will present a new tool for pentesters called „Lauschgerät”. This python script acts as a convenient man-in-the-middle tool to sniff traffic, terminate TLS encryption, host malicious services and bypass 802.1X — provided you have physical access to the victim machine, or at least its network cable.

There are three ways to run it: Either on its own dedicated device like a Raspberry Pi or Banana Pi, in a virtual machine with two physical…