Skip to content

An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers

License

Notifications You must be signed in to change notification settings

haiut/mitmproxy

 
 

Repository files navigation

Build Status Coverage Status

mitmproxy is an interactive, SSL-capable man-in-the-middle proxy for HTTP with a console interface.

mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

libmproxy is the library that mitmproxy and mitmdump are built on.

Documentation, tutorials and distribution packages can be found on the mitmproxy.org website:

mitmproxy.org.

Features

  • Intercept HTTP requests and responses and modify them on the fly.
  • Save complete HTTP conversations for later replay and analysis.
  • Replay the client-side of an HTTP conversations.
  • Replay HTTP responses of a previously recorded server.
  • Reverse proxy mode to forward traffic to a specified server.
  • Transparent proxy mode on OSX and Linux.
  • Make scripted changes to HTTP traffic using Python.
  • SSL certificates for interception are generated on the fly.
  • And much, much more.

Requirements

Optional packages for extended content decoding:

mitmproxy is tested and developed on OSX, Linux and OpenBSD. Windows is not officially supported at the moment.

Hacking

The following components are needed if you plan to hack on mitmproxy:

  • The test suite uses the nose unit testing framework and requires pathod and flask.
  • Rendering the documentation requires countershape.

For convenience, all dependencies save countershape can be installed from pypi to a virtualenv with 'pip install -r requirements.txt'.

Please ensure that all patches are accompanied by matching changes in the test suite. The project maintains 100% test coverage.

About

An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers

Resources

License

Stars

Watchers

Forks

Packages

No packages published