
Original author(s): r00t0v3rr1d3 (Chris Shields), 0sm0s1z (Matthew Toussain)
Initial release: July 23, 2012
Stable release: 5.0.8 / March 22, 2013
Development status: Active
Written in: Python
Operating system: Linux
Available in: English
Type: Computer security
License: GNU General Public License
Website: (defunct)

Subterfuge is a free and open source network security framework that demonstrates man-in-the-middle attacks and aims to make them as simple as point and shoot.[1] It demonstrates vulnerabilities in the Address Resolution Protocol by harvesting credentials that cross the LAN, and can even exploit machines through client-side browser injection. It can run on all distributions of Linux, but developer support is limited to Kali Linux. It can leverage multiple man-in-the-middle attacks against target networks.


Subterfuge features include:

  • ARP Cache Poisoning
  • Credential Harvester
  • HTTP Code Injection
  • Wireless AP Generation
  • WPAD Hijacking
  • Rogue DHCP

Graphical interface

Subterfuge is known for its extremely modern web-based interface. The interface includes alternate perspectives for man-in-the-middle attacks through its unique network view. The primary purpose of Subterfuge and its GUI is to demonstrate the dangers of man-in-the-middle attacks by showing how easily they can be carried out with the framework.


  1. "Subterfuge (Man-in-the-Middle Attack Framework)". Raj Chandler. 12 December 2012. Retrieved 18 November 2013.
