Hacking macOS: How to Remotely Sniff Passwords on a Mac in Real Time, Part 1 (Packet Exfiltration)

With the rise of website encryption (using the TLS cryptographic protocol), sniffing passwords from network activity has become difficult. However, it’s still possible to quietly exfiltrate a target’s network traffic in real time to extract passwords and sensitive information. Pertaining to macOS, there are two methods for retrieving traffic from a backdoored Mac.
The first method requires Empire, a post-exploitation framework. Empire can be embedded into a MacBook using a USB Rubber Ducky during single-user mode attacks or by social engineering the target into running a malicious command… more

Link: https://null-byte.wonderhowto.com/how-to/hacking-macos-remotely-sniff-passwords-mac-real-time-part-1-packet-exfiltration-0186088/