Inject malicious content into web pages (e.g., JavaScript keyloggers, exploit kit redirects) - Modify file downloads to include malware - Alter DNS responses on-the-fly - Downgrade encryption (SSL stripping) - Hijack authenticated sessions using stolen cookies - Modify API responses to change applic