Mitmproxy is a free and open-source interactive SSL-capable proxy that works as man-in-the-middle for HTTP and HTTPS communication. It’s a powerful mitm proxy tool which, according to official documentation, allows you to prettify and decode a variety of message types, intercept specific messages on-the-fly, modify them before they reach their destination, and replay them to a client or server later on.
Mitmproxy can operates in several modes:
- Regular (Default), Transparent, Reverse Proxy, Upstream Proxy, SOCKS Proxy.
mitmproxy: Interactive SSL-capable man-in-the-middle Proxy
It is a swiss-army knife for debugging, testing, privacy measurements and penetration testing, which allows you to intercept, inspect, modify and replay HTTP/1,HTTP/2 traffic, WebSockets and other SSL-protected protocols.
How it works?
Mitmproxy pretends to be the server to the client, and pretend to be the client to the server, while we sit in the middle decoding traffic from both sides.
- The client connects to the proxy and makes a request.
- Mitmproxy connects to the upstream server and simply forwards the request on.
Main mitmproxy features can be used through web-based UI
mitmweb, involving interactive examination and modification of HTTP traffic. In addition, there is a Python API, which makes mitmproxy highly configurable. It offers full control and makes it possible to automatically modify messages, redirect traffic, visualize messages, or implement custom commands.
- Intercept HTTP & HTTPS requests and responses and modify them on the fly
- Save complete HTTP conversations for later replay and analysis
- Replay the client-side of an HTTP conversations
- Replay HTTP responses of a previously recorded server
- Reverse proxy mode to forward traffic to a specified server
- Transparent proxy mode on OSX and Linux
- Make scripted changes to HTTP traffic using Python
- SSL/TLS certificates for interception are generated on the fly
mitmproxyInteractive MiTM proxy for HTTP/HTTPS with a console interface.
mitmdumpCommand-line version of mitmproxy. Think tcpdump for HTTP.
mitmwebWeb-based interface for mitmproxy. (currently in beta)
Python 3.6+(in order to run the latest version)
First of all, you need to make sure that you’ve installed the latest Python version. Then clone mirmproxy from the GitHub repo:
$ git clone https://github.com/mitmproxy/mitmproxy.git
Navigate to the working directory, and run
$ cd mitmproxy
devscript will create a virtualenv environment in a directory called
venvand install all mandatory and optional dependencies into it.
Now you can install it via
$ pip3 install mitmproxy
Use Homebrew to install mitmproxy (recommended):
$ brew install mitmproxy
If you don’t have Homebrew installed, you can do it by running the following command:
$ /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
To start using it, just run
mitmproxy, and you should see a welcome screen:
To list all available options, use
Given that these are just some basic information about the mitmproxy, we’ll make sure to write about practical usage in some of the future posts. For detailed explanation and installation examples, click the “documentation” button below.