mitmproxy is an open source SSL-capable man-in-the-middle proxy for HTTP which provides a console interface that allows traffic flows to be inspected and edited on the fly.
mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.
Both tools are fully documentented in the commandline --help flag, and, in the case of mitmproxy, a built-in help page accessible through the ? keyboard shortcut.
Installation: To install mitmproxy on your Mac you will have to open a Terminal window, browse to mitmproxy's folder and run the following command from inside that directory (you will need administrator privileges to be able to run it):
sudo python setup.py install
Here are some key features of "mitmproxy":
· Intercept HTTP requests and responses and modify them on the fly.
· Save complete HTTP conversations for later replay and analysis.
· Replay the client-side of an HTTP conversations.
· Replay HTTP responses of a previously recorded server.
· Make scripted changes to HTTP traffic using Python.
· SSL certificates for interception are generated on the fly.
Requirements:
· Apple Xcode
· Python 2.6 / 2.7
· Urwid
· OpenSSL
What's New in This Release: [ read full changelog ]
· New scripting API that allows much more flexible and fine-grained rewriting of traffic. See the docs for more info.
· Support for gzip and deflate content encodings. A new "z" keybinding in mitmproxy to let us quickly encode and decode content, plus automatic decoding for the "pretty" view mode.
· An event log, viewable with the "v" shortcut in mitmproxy, and the "-e" command-line flag in mitmdump.
· Huge performance improvements: mitmproxy interface, loading large numbers of flows from file.
· A new "replace" convenience method for all flow objects, that does a universal regex-based string replacement.
· Header management has been rewritten to maintain both case and order.
· Improved stability for SSL interception.
· Default expiry time on generated SSL certs has been dropped to avoid an OpenSSL overflow bug that caused certificates to expire in the distant past on some systems.
· A "pretty" view mode for JSON and form submission data.
· Expanded documentation and examples.
· Countless other small impr...
Find us on Google+
