The MITM framework

A man-in-the-middle (MITM) framework of tools and utilities is used when performing all MITM attacks on a network. A MITM attack is when a hacker sits between the victim and another device, such as the default gateway to the internet. The intention of the attack is to intercept all traffic along the path. Looking at the following diagram, all traffic from the PC that is intended to go to the internet which is supposed to be sent directly to the router (default gateway) is indicated by the top arrow. However, with an attacker on the network, they are able to trick the victim's PC into thinking the attacker's machine is now the router (default gateway) and tricking the router into believing the attacker's machine is the PC:

It’s a penetration tester’s powerhouse. Some of its features are key-logging, address resolution protocol (ARP) cache poisoning attacks, spoofing, and SSL stripping attacks using the SSLStip+ feature. The following is the main window of the MITM framework on NetHunter:

Swiping across on the right, you'll encounter another section, Spoof Settings, which will allow a penetration tester to easily execute an MITM attack on a network: