mitmproxy is your swiss-army knife for interactive HTTP\/HTTPS proxy. In fact, it can be used to intercept, inspect, modify and replay web traffic such as HTTP\/1, HTTP\/2, WebSockets, or any other SSL\/TLS-protected protocols.<\/p>\n
Moreover, mitmproxy has a powerful Python API that offers full control over any intercepted request and response.<\/p>\n
ref: ref: ref: Make your computer become the man in a man-in-the-middle attack.<\/p>\n Flow List keys:<\/p>\n Flow Details keys:<\/p>\n ref: ref: The most exciting feature is you could alter any request and response using a Python script, ref: You can use your own certificate by passing the The certificate file is expected to be in the PEM format which would roughly look like this:<\/p>\n ref:
\nhttps:\/\/mitmproxy.org\/<\/a>
\nhttps:\/\/docs.mitmproxy.org\/stable\/<\/a><\/p>\nConcept<\/h2>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/concepts-howmitmproxyworks\/<\/a><\/p>\nInstallation<\/h2>\n
$ brew install mitmproxy\n\n$ mitmproxy --version\nMitmproxy: 4.0.4\nPython: 3.7.0\nOpenSSL: OpenSSL 1.0.2p 14 Aug 2018\nPlatform: Darwin-18.0.0-x86_64-i386-64bit<\/code><\/pre>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/overview-installation\/<\/a><\/p>\nConfiguration<\/h2>\n
macOS<\/h3>\n
$ ipconfig getifaddr en0\n192.168.0.128\n\n$ mitmproxy -p 8888\n# or\n$ mitmweb -p 8888\n$ open http:\/\/127.0.0.1:8081\/<\/code><\/pre>\n\n
?<\/code>: Show help<\/li>\nq<\/code>: Exit the current view<\/li>\nf<\/code>: Set view filter<\/li>\nr<\/code>: Replay this flow<\/li>\ni<\/code>: Set intercept filter<\/li>\nhjkl<\/code> or arrow<\/code>: Move left\/down\/up\/right<\/li>\nenter<\/code>: Select<\/li>\n<\/ul>\n\n
tab<\/code>: Select next<\/li>\nm<\/code>: Set flow view mode<\/li>\ne<\/code>: Edit this flow (request or response)<\/li>\na<\/code>: Accept this intercepted flow<\/li>\n<\/ul>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/tools-mitmproxy\/<\/a>
\nhttps:\/\/github.com\/mitmproxy\/mitmproxy\/blob\/master\/mitmproxy\/tools\/console\/defaultkeys.py<\/a><\/p>\niOS<\/h3>\n
\n
\n
\n
192.168.0.128<\/code><\/li>\n8888<\/code><\/li>\n\n
\n
mitmproxy<\/code> certificate<\/li>\n<\/ul>\n<\/li>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/concepts-certificates\/<\/a><\/p>\nUsage<\/h2>\n
mitmdump -s<\/code>!<\/p>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/tools-mitmdump\/<\/a>
\nhttps:\/\/github.com\/mitmproxy\/mitmproxy\/tree\/master\/examples<\/a><\/p>\nDeal With Certificate Pinning<\/h3>\n
--certs example.com=\/path\/to\/example.com.pem<\/code> option to mitmproxy. Mitmproxy then uses the provided certificate for interception of the specified domain.<\/p>\n-----BEGIN PRIVATE KEY-----\n<private key>\n-----END PRIVATE KEY-----\n\n-----BEGIN CERTIFICATE-----\n<cert>\n-----END CERTIFICATE-----\n\n-----BEGIN CERTIFICATE-----\n<intermediary cert (optional)>\n-----END CERTIFICATE-----<\/code><\/pre>\n$ mitmproxy -p 8888 --certs example.com=example.com.pem<\/code><\/pre>\n
\nhttps:\/\/docs.mitmproxy.org\/stable\/concepts-certificates\/#using-a-custom-server-certificate<\/a><\/p>\nRedirect Requests To Your Local Development Server<\/h3>\n
# redirect_to_localhost.py\nfrom mitmproxy import ctx\nfrom mitmproxy import http\n\nREMOTE_HOST = 'api.example.com'\nDEV_HOST = '192.168.0.128'\nDEV_PORT = 8000\n\ndef request(flow: http.HTTPFlow) -> None:\n if flow.request.pretty_host in [REMOTE_HOST, DEV_HOST]:\n ctx.log.info('=== request')\n ctx.log.info(str(flow.request.headers))\n ctx.log.info(f'content: {str(flow.request.content)}')\n\n flow.request.scheme = 'http'\n flow.request.host = DEV_HOST\n flow.request.port = DEV_PORT\n\ndef response(flow: http.HTTPFlow) -> None:\n if flow.request.pretty_host == DEV_HOST:\n ctx.log.info('=== response')\n ctx.log.info(str(flow.response.headers))\n if flow.response.headers.get('Content-Type', '').startswith('image\/'):\n return\n ctx.log.info(f'body: {str(flow.response.get_content())}')<\/code><\/pre>\n