17 points
That kind of ssl interception would normally be quite visible without your client device having the pineapples cert in your devices trust store, or am I wrong?
8 points
*
I’m sure a lot has changed in 10 years ago so this won’t be relevant today, but back when I was last playing with this, sslstrip was the tool I was using on the pineapple to enable SSL mitm attacks - https://github.com/moxie0/sslstrip
I’d imagine there are new techniques to counteract new defenses - this stuff is always cat & mouse