SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. Connections are transparently intercepted through a network address translation engine and redirected to SSLsplit. SSLsplit terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted. SSLsplit is intended to be useful for network forensics and penetration testing.
Changes: This release adds experimental support for pf on Mac OS X, and adds support for pf divert-to on FreeBSD and OpenBSD. SSLsplit now removes headers advertising support for SPDY/QUIC from HTTP responses. Additionally, a number of segmentation faults, a memory leak, and a file descriptor leak have been fixed, greatly improving overall stability.