1 min readJun 1, 2019
SSL strip does exactly what you described. The problem is there are websites now a days which follow the HSTS ( HTTP Strict Transport Security )protocol. This enables the website to load only in HTTPS version of it and that renders most of the SSL Striping attack useless.