{"id":3965,"date":"2016-10-10T23:05:13","date_gmt":"2016-10-10T15:05:13","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=3965"},"modified":"2016-10-06T23:05:57","modified_gmt":"2016-10-06T15:05:57","slug":"mitmproxy-intercepting-http-proxy-tool-aka-mitm","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2016\/10\/mitmproxy-intercepting-http-proxy-tool-aka-mitm\/","title":{"rendered":"mitmproxy &#8211; Intercepting HTTP Proxy Tool aka MITM"},"content":{"rendered":"<p>mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2016\/10\/mitmproxy-Intercepting-HTTP-Proxy-Tool-aka-MITM-640x434.png\" alt=\"mitmproxy - Intercepting HTTP Proxy Tool aka MITM\" width=\"640\" height=\"434\" class=\"aligncenter size-medium wp-image-4305\" srcset=\"https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2016\/10\/mitmproxy-Intercepting-HTTP-Proxy-Tool-aka-MITM-640x434.png 640w, https:\/\/www.darknet.org.uk\/wp-content\/uploads\/2016\/10\/mitmproxy-Intercepting-HTTP-Proxy-Tool-aka-MITM.png 750w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/p>\n<p>It&#8217;s a console tool that allows interactive examination and modification of HTTP traffic. It differs from mitmdump in that all flows are kept in memory, which means that it\u2019s intended for taking and manipulating small-ish samples.<\/p>\n<p>The command-line companion called mitmdump provides tcpdump-like functionality to let you view, record, and programmatically transform HTTP traffic.<\/p>\n<h3>Features<\/h3>\n<ul>\n<li>Intercept HTTP requests and responses and modify them on the fly.<\/li>\n<li>Save complete HTTP conversations for later replay and analysis.<\/li>\n<li>Replay the client-side of an HTTP conversations.<\/li>\n<li>Replay HTTP responses of a previously recorded server.<\/li>\n<li>Reverse proxy mode to forward traffic to a specified server.<\/li>\n<li>Transparent proxy mode on OSX and Linux.<\/li>\n<li>Make scripted changes to HTTP traffic using Python.<\/li>\n<li>SSL certificates for interception are generated on the fly.<\/li>\n<\/ul>\n<script async src=\"https:\/\/pagead2.googlesyndication.com\/pagead\/js\/adsbygoogle.js?client=ca-pub-3033787195489589\"\r\n     crossorigin=\"anonymous\"><\/script>\r\n<!-- Darknet Responsive Post Ad Links [previously link ad unit] -->\r\n<ins class=\"adsbygoogle\"\r\n     style=\"display:block\"\r\n     data-ad-client=\"ca-pub-3033787195489589\"\r\n     data-ad-slot=\"5456620019\"\r\n     data-ad-format=\"auto\"><\/ins>\r\n<script>\r\n     (adsbygoogle = window.adsbygoogle || []).push({});\r\n<\/script>\n<h3>Installation<\/h3>\n<p>Ubuntu comes with Python but we need to install pip, python-dev and several libraries. This was tested on a fully patched installation of Ubuntu 14.04.<\/p>\n<pre>sudo apt-get install python-pip python-dev libffi-dev libssl-dev libxml2-dev libxslt1-dev libjpeg8-dev zlib1g-dev\r\nsudo pip install mitmproxy<\/pre>\n<p>Once installation is complete you can run mitmproxy or mitmdump from a terminal.<\/p>\n<p>On <strong>Ubuntu 12.04<\/strong> (and other systems with an outdated version of pip), you may need to update pip using <code>pip install -U pip<\/code> before installing mitmproxy.<\/p>\n<p>You can download mitmproxy here:<\/p>\n<p><a href=\"https:\/\/github.com\/mitmproxy\/mitmproxy\/archive\/v0.17.1.zip\">mitmproxy-v0.17.1.zip<\/a><\/p>\n<p>Or read more <a href=\"https:\/\/mitmproxy.org\/\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. It&#8217;s a console tool that allows interactive examination and modification of HTTP traffic. It differs from mitmdump in that all flows are kept in memory, which means that it\u2019s intended for taking and manipulating small-ish samples. The command-line companion called mitmdump [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers & software developers, it also has a command-line version mitmdump.","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[9,5],"tags":[9221,1198],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3965"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=3965"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/3965\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=3965"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=3965"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=3965"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}