An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Go to file
2011-03-18 10:14:57 +13:00
doc-src Docs, minor cert tweaks. 2011-03-18 09:04:49 +13:00
examples First pass of script hooks for mitmdump. 2011-02-18 12:40:45 +13:00
libmproxy Use path_prompt rather than plain prompt where needed in mitmproxy. 2011-03-18 10:14:57 +13:00
test Interrupt interception when deleting an intercepting flow. 2011-03-15 17:53:29 +13:00
.gitignore Simple record & playback functionality 2011-02-10 02:59:51 +01:00
CHANGELOG Release mitmproxy 0.2 2010-03-01 17:25:27 +13:00
LICENSE Initial checkin. 2010-02-16 17:09:07 +13:00
MANIFEST.in Initial checkin. 2010-02-16 17:09:07 +13:00
mitmdump Unify mitmproxy and mitmdump commandline 2011-03-12 14:30:12 +13:00
mitmproxy Fix a number of small UI infelicities. 2011-03-13 21:16:42 +13:00
README.mkd Use path_prompt rather than plain prompt where needed in mitmproxy. 2011-03-18 10:14:57 +13:00
setup.py Fix setup.py 2011-02-21 12:04:24 +13:00
todo Documentation. 2011-03-16 15:27:26 +13:00

mitmproxy is an SSL-capable, intercepting HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.

Both tools are fully documentented in the commandline --help flag, and, in the case of mitmproxy, a built-in help page accessible through the ? keyboard shortcut.

Capabilities

  • Intercept HTTP requests and responses and modify them on the fly.
  • Save complete HTTP conversations for later replay and analysis.
  • Replay the client-side of an HTTP conversations.
  • Replays HTTP responses of a previously recorded server.
  • Make scripted changes to HTTP traffic using a simple Python API.
  • Dummy SSL certificate authority creates interception certificates on the fly.

Download

Releases can be found here: http://corte.si/projects.html

Source is hosted here: http://github.com/cortesi/mitmproxy

Requirements

  • A recent Python interpreter.
  • SSL certificates are generated using openssl
  • The curses interface relies on version 0.9.8 or newer of the urwid library.
  • The test suite uses the pry unit testing library.

You should also make sure that your console environment is set up with the following:

  • EDITOR environment variable to determine the external editor.
  • PAGER environment variable to determine the external pager.
  • Appropriate entries in your mailcap files to determine external viewers for request and response contents.