The built-in sslstripping feature (http.proxy.sslstrip) in bettercap is not working against HTTPS websites in this issue I will be using cygwin.com and winzip.com as an example, as we can see they are not HSTS preloaded https://hstspreload.org/?domain=cygwin.com https://hstspreload.org/?domain=winzip.com.

I am using bettercap v2.32.0 (built for linux amd64 with go1.21.0)

my os is

```

Distributor ID: Kali

Description: Kali GNU/Linux Rolling

Release: 2024.1

Codename: kali-rolling

x86_64

```

I am using --caplet script.cap as a command line argument

script.cap contains:

```

net.probe on

set http.proxy.sslstrip true

http.proxy on

set arp.spoof.fullduplex true

set arp.spoof.targets 192.168.0.100

set net.sniff.local true

arp.spoof on

net.sniff on

```

Full Debug output: https://pastebin.com/qZF21fdY

Steps to Reproduce

Run the script.cap provided above make sure to change the IP address accordingly

Go into an HTTPS website on the victim machine

Expected behavior:

Successfully ARP spoof the victim

Successfully sniff data from http websites

Successfully downgrade HTTPS into HTTP

When downgraded successfully sniff data from HTTPS websites

Actual behavior:

Successfully ARP spoofed the victim

Successfully sniffed data from http websites

Couldn't downgrade HTTPS into HTTP (loads as HTTPS)

Since I could not downgrade HTTPS I was not able to sniff any data from HTTPS websites

Now as I final note I want to add my own interpretation of this; Generally when bettercap detects HTTPS websites while running SSLstrip it logs something like spoofing the domain or HTTPS detected downgrading etc. but in this instance it is not so maybe this is a bug where it is not correctly detecting HTTPS pages therefore not even trying to downgrade them???

BTW ofcourse I cleared all the web browser cache, I tried both chrome and edge, also I disabled secure DNS on both.