mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, HTTP/3, WebSockets, or any other SSL/TLS-protected protocols.

mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets. mitmweb is a web-based interface for mitmproxy. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. Distribution packages can be found on the mitmproxy website.

Mitmproxy connects to the server, and establishes a TLS connection using the SNI hostname indicated by the client. The server responds with the matching certificate, which contains the CN and SAN values needed to generate the interception certificate.

To install mitmproxy on Windows, download the installer from mitmproxy.org. We also provide standalone binaries, they take significantly longer to start as some files need to be extracted to temporary directories first. After installation, mitmproxy, mitmdump and mitmweb are also added to your PATH and can be invoked from the command line.

Mitmproxy starts as a regular HTTP proxy by default and listens on http://localhost:8080. You need to configure your browser or device to route all traffic through mitmproxy. Browser versions and configurations options frequently change, so we recommend to simply search the web on how to configure an HTTP proxy for your system.

flow-filter is an optional mitmproxy filter expression that describes which requests should be blocked. status-code is the HTTP status code served by mitmproxy for blocked requests. A special status code of 444 instructs mitmproxy to “hang up” and not send any response at all. The separator is arbitrary, and is defined by the first character.

2021年7月16日 · Secure Web Proxy: Mitmproxy now supports TLS-over-TLS to already encrypt the connection to the proxy. Server-Side Greetings: Mitmproxy now supports proxying raw TCP connections, including ones that start with a server-side greeting (e.g. SMTP).

2022年10月28日 · We’re excited to announce the release of mitmproxy 9, a free and open source interactive HTTPS proxy. This release brings support for raw UDP and DTLS, a new WireGuard proxy mode, and major usability improvements.

mitmproxy supports different proxy modes to capture traffic. You can use any of the modes with any of the mitmproxy tools (mitmproxy, mitmweb, or mitmdump). # Recommended. Regular: The default mode. Configure your client(s) to use an HTTP(S) proxy. Local Capture: Capture applications on the same device.

mitmproxy, a project by Aldo Cortesi, Maximilian Hils, and Thomas Kriechbaumer. Maintained by the core team with the help of our fantastic contributors .