Network Interception in Rust Intermediate - 3 days - 3500€ HT
Description
Mastering network traffic interception and manipulation is a critical skill for security analysis, penetration testing, and offensive tool development. This course offers a hands-on technical immersion, building a high-performance Man-In-The-Middle (MITM) tool from scratch using the Rust programming language.
The approach is entirely practical: participants design an interceptor capable of performing ARP poisoning attacks and processing complex application traffic. Through progressive workshops, the course explores the fundamental layers of the OSI model, frame decoding, and the implementation of transparent interception mechanisms for HTTP and TLS protocols. The use of Rust ensures safe memory management and optimal performance for low-level data processing.
-
3 days (21 hours)
-
Offensive security and Rust development
-
Development of a complete and functional MITM tool
-
In-depth understanding of the network mechanisms being exploited
Objectives
- Understand and leverage ARP and DHCP on a local network
- Develop real-time HTTP/HTTPS stream interception and modification capabilities
- Master raw socket manipulation and TCP/IP stream reconstruction using Rust
Public and prerequisites
This training is designed for technical professionals who want to combine modern system development skills with offensive network expertise.
-
Rust developers wishing to apply their skills to low-level security
-
Penetration testers/auditors wanting to design their own interception tools
-
Security engineers specializing in protocol analysis
A solid understanding of Rust fundamentals (ownership, structures, dependency management, error handling) is essential. Basic networking knowledge (OSI model, encapsulation, TCP/IP) is required to follow the technical modules.
Content
Day 1
Network and LAN layers: presentation of the layers manipulated in a MITM interception, analysis of local network operation, ARP resolution, and machine behavior in a LAN. Low-level development: development in Rust of the first transparent interception building blocks at the Ethernet, IP, and TCP layers
Day 2
HTTP and HTTPS: detailed presentation of the exchange process (structure, headers, and session mechanisms), implementation of HTTP interception (stream reconstruction, content inspection and modification). TLS interception: introduction to TLS mechanisms (handshake, certificates, constraints, and limitations), development of TLS interception. Validation: testing under real-world conditions in a physical environment simulating a local network, with complete end-to-end testing.
Day 3
Advanced protocols: a series of in-depth tests on the IP and TCP layers (option management, MSS, fragmentation, retransmissions), development and analysis of a second local network attack (DHCP spoofing). Performance and constraints: use of benchmarking tools in Rust (performance analysis, processing time measurement, optimization), consideration of real-world constraints (stability, robustness, scalability, detection by defense systems). Finalization: consolidation of the product code and final packaging of the MITM tool.
All the details regarding how the training is conducted are described on this page.