Is there a tool or a method to avoid the "invalid certificate" browser popup when sniffing ssl traffic ?
I've expiremented with ettercap and webmitm and also sslstrip
But I'm wondering if it's possible to keep the ssl connection (not like sslstrip) and yet sniff the traffic without the warning ?
Could it be possible to put our own face certificate on the victim's machine to avoid further popup ? I'm interested in any method practical or theoretical.