Skip to content

An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers

License

Notifications You must be signed in to change notification settings

chiehwen/mitmproxy

 
 

Repository files navigation

mitmproxy is an interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface.

mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

libmproxy is the library that mitmproxy and mitmdump are built on.

Complete documentation and a set of practical tutorials is included in the distribution package, and is also available at mitmproxy.org.

Features

  • Intercept HTTP requests and responses and modify them on the fly.
  • Save complete HTTP conversations for later replay and analysis.
  • Replay the client-side of an HTTP conversations.
  • Replay HTTP responses of a previously recorded server.
  • Reverse proxy mode to forward traffic to a specified server.
  • Transparent proxy mode on OSX and Linux.
  • Make scripted changes to HTTP traffic using Python.
  • SSL certificates for interception are generated on the fly.
  • And much, much more.

Download

Releases and documentation can be found on the mitmproxy website:

mitmproxy.org

Source is hosted on github:

github.com/cortesi/mitmproxy

Community

Come join us in the #mitmproxy channel on the OFTC IRC network (irc://irc.oftc.net:6667).

We also have a mailing list, hosted here:

groups.google.com/group/mitmproxy

Requirements

The following auxiliary components may be needed if you plan to hack on mitmproxy:

mitmproxy is tested and developed on OSX, Linux and OpenBSD. Windows is not supported at the moment.

You should also make sure that your console environment is set up with the following:

  • EDITOR environment variable to determine the external editor.
  • PAGER environment variable to determine the external pager.
  • Appropriate entries in your mailcap files to determine external viewers for request and response contents.

About

An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers

Resources

License

Stars

Watchers

Forks

Packages

No packages published