update

OWASP · Feb 23, 2025 · 2e37938 · 2e37938
1 parent 7f99ada
commit 2e37938
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 5 deletions.
diff --git a/docs/contributing/5_Style_Guide.md b/docs/contributing/5_Style_Guide.md
@@ -42,8 +42,6 @@ Or any other constructions like "he/she", "s/he", "his or her". Instead, use the
 - Use the second person: "If the attacker runs this code, he can bypass ..." -> "If you run this code, you can bypass ..."
 - Use the imperative: "A developer should never use ... in his code" -> "Never use ... in your code!"
 
-There is one exception: We are still using "man in the middle", as it is simply a common term in the industry and there is no common replacement for it.
-
 ### Timeliness of Content
 
 Keeping accurate and timely content establishes the OWASP MAS deliverables as a credible and trustworthy source of information.

diff --git a/techniques/android/MASTG-TECH-0011.md b/techniques/android/MASTG-TECH-0011.md
@@ -277,7 +277,7 @@ iptables -t nat -F
 
 #### bettercap
 
-Read ["Simulating a Man-in-the-Middle Attack"](../../Document/0x04f-Testing-Network-Communication.md#simulating-a-machine-in-the-middle-attack-with-bettercap "Simulating a MitM Attack") for further preparation and instructions for running bettercap.
+Read ["Simulating a Machine-in-the-Middle Attack"](../../Document/0x04f-Testing-Network-Communication.md#simulating-a-machine-in-the-middle-attack-with-bettercap "Simulating a MitM Attack") for further preparation and instructions for running bettercap.
 
 The host computer where you run your proxy and the Android device must be connected to the same wireless network. Start bettercap with the following command, replacing the IP address below (X.X.X.X) with the IP address of your Android device.
 

diff --git a/tests/android/MASVS-NETWORK/MASTG-TEST-0022.md b/tests/android/MASVS-NETWORK/MASTG-TEST-0022.md
@@ -162,7 +162,7 @@ Hybrid applications based on Cordova do not support Certificate Pinning natively
    function errorCallback(message) {
      alert(message);
      if (message === "CONNECTION_NOT_SECURE") {
-       // There is likely a man in the middle attack going on, be careful!
+       // There is likely a machine in the middle attack going on, be careful!
      } else if (message.indexOf("CONNECTION_FAILED") >- 1) {
        // There was no connection (yet). Internet may be down. Try again (a few times) after a little timeout.
      }

diff --git a/tools/network/MASTG-TOOL-0109.md b/tools/network/MASTG-TOOL-0109.md
@@ -4,6 +4,6 @@ platform: network
 source: https://github.com/summitt/Nope-Proxy
 ---
 
-[Nope-Proxy](https://github.com/summitt/Nope-Proxy) is an extension for Burp that operates as a Non-HTTP Man-in-the-Middle (MITM) tool, allowing you to intercept both TCP and UDP traffic. Additionally, it allows DNS spoofing on mobile devices to redirect traffic to Burp for the interception of non-HTTP communications. It also includes features such as manual traffic interception, automated traffic manipulation, a Python mangler, and traffic highlighting.
+[Nope-Proxy](https://github.com/summitt/Nope-Proxy) is an extension for Burp that operates as a Non-HTTP Machine-in-the-Middle (MITM) tool, allowing you to intercept both TCP and UDP traffic. Additionally, it allows DNS spoofing on mobile devices to redirect traffic to Burp for the interception of non-HTTP communications. It also includes features such as manual traffic interception, automated traffic manipulation, a Python mangler, and traffic highlighting.
 
 It can be installed using the `.jar` file from the [GitHub releases](https://github.com/summitt/Nope-Proxy/releases).