We were asked to use Burp Suite and openssl to perform a man-in-the-middle (MitM) attack against a target. We were asked to use openssl to create the fake certificate and then load it into a proxy server, which the target accesses; we used another virtual machine as the target. We then listen with Burp Suite to intercept what the target is accessing in the browser.

  • First, we use Burp Suite to generate the keys; there are 3 steps in making the private key we are going to use

  • Then we set up a port and upload to it the certificate that we generated earlier using openssl

  • Lastly, when the target accesses Google or any other website, the traffic will show up in our Burp Suite as long as we are intercepting
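
Seen from the target's side, the lab comes down to which CA the client trusts. The following is an added example, not part of the original write-up: it builds constructed throwaway certificates with openssl and shows what chain validation and a fingerprint pin each report for a proxy-signed certificate. The host name `lab.example`, the CA names and the `check_cert` helper are assumptions made for illustration.

```shell
# Constructed lab data: two throwaway CAs and two leaf certs for one host name.
# "site-ca" stands in for a CA the target already trusts, "proxy-ca" for the
# self-made CA the intercepting proxy signs with. All names are assumptions.
make_ca() {     # make_ca <dir> <name> <common name>
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$3" \
    -keyout "$1/$2.key" -out "$1/$2.pem" 2>/dev/null
}
make_leaf() {   # make_leaf <dir> <leaf name> <ca name> <host>
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$4" \
    -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
  openssl x509 -req -in "$1/$2.csr" -CA "$1/$3.pem" -CAkey "$1/$3.key" \
    -CAcreateserial -days 1 -out "$1/$2.pem" 2>/dev/null
}
fingerprint() { # SHA-256 fingerprint of a PEM certificate
  openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}
# check_cert <trusted CA bundle> <pinned fingerprint> <presented cert>
# Prints one of: ok | untrusted-issuer | pin-mismatch
check_cert() {
  if ! openssl verify -CAfile "$1" "$3" >/dev/null 2>&1; then
    echo untrusted-issuer   # what a browser reports as a certificate warning
  elif [ "$(fingerprint "$3")" != "$2" ]; then
    echo pin-mismatch       # chain is valid, but it is not the expected cert
  else
    echo ok
  fi
}
demo() {
  d=$(mktemp -d)
  make_ca "$d" site-ca "Constructed Site CA"
  make_ca "$d" proxy-ca "Constructed Proxy CA"
  make_leaf "$d" real site-ca lab.example
  make_leaf "$d" forged proxy-ca lab.example
  pin=$(fingerprint "$d/real.pem")
  cat "$d/site-ca.pem" "$d/proxy-ca.pem" > "$d/both.pem"
  check_cert "$d/site-ca.pem" "$pin" "$d/real.pem"    # direct connection
  check_cert "$d/site-ca.pem" "$pin" "$d/forged.pem"  # proxy CA not trusted
  check_cert "$d/both.pem"    "$pin" "$d/forged.pem"  # proxy CA imported on target
  rm -rf "$d"
}
demo
```

In the third case the proxy's certificate passes chain validation because its CA was added to the trust store, so only the pin comparison flags the interception.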