Software updates apply patches or introduce new features to an application. In most cases, the update procedure is conducted in an insecure manner, exposing the updater to execution of malicious code or to manipulation of application data such as anti-virus signatures. This tool uses several techniques of update-exploitation attacks which leverages a man-in-the-middle technique, to build and inject a fake update reply or hijack an on-going update session.
Platform: Windows/Linux/BSD/Mac OS;License: GNU General Public License v2
Reference: https://code.google.com/p/aimject/