You've probably all heard of Firesheep by now, a Firefox add-on which lets anyone hijack a user's session to various popular web applications when they're using an open wireless network. While sniffing/stealing session credentials is nothing new, Firesheep exposes this capability to the masses by automating the process so that absolutely no technical know-how is required.
Unfortunately, it is actually quite difficult to defend against Firesheep because most sites only permit SSL connections during the initial login, not while surfing other pages. As such, while your username and password are encrypted, your session ID is available to all other machines on the same network.
Mac OS X: 10.5 or newer on an Intel processor.Windows: XP or newer. Install Winpcap first!Linux: available hereFirefox: 3.5 or newer. 32-bit only.
In order to install BlackSheep, you need: