Skip to content

mitmproxy

Interactive HTTPS proxy for penetration testers

PythonGitHubWebsite

Description

mitmproxy is a free, open-source interactive HTTPS proxy. It provides a console interface, a web interface (mitmweb), and a Python API for scripting. Ideal for analyzing and modifying HTTP/S traffic.

Installation

BASH 
# pip
pip3 install mitmproxy

# Homebrew
brew install mitmproxy

# Kali
sudo apt install mitmproxy

Basic Usage

BASH 
# Start console proxy (default port 8080)
mitmproxy

# Start web UI
mitmweb

# Dump mode (non-interactive)
mitmdump

# Custom port
mitmproxy -p 9090

Advanced Usage

BASH 
# Intercept specific hosts
mitmproxy --intercept "~d target.com"

# Script injection
mitmdump -s inject_header.py

# Save flows
mitmdump -w traffic.flow

# Replay flows
mitmdump -r traffic.flow

# Transparent proxy
mitmproxy --mode transparent

# Reverse proxy
mitmproxy --mode reverse:https://target.com

# Filter displayed traffic
mitmproxy --set view_filter="~d target.com"

Scripting Example

PYTHON 
# inject_header.py
from mitmproxy import http

def request(flow: http.HTTPFlow):
    flow.request.headers["X-Custom"] = "injected"

def response(flow: http.HTTPFlow):
    if "admin" in flow.response.text:
        print(f"[!] Admin found: {flow.request.url}")

Common Workflows

BASH 
# Record and replay API traffic
mitmdump -w api_traffic.flow
mitmdump -r api_traffic.flow --set replay_kill_extra=true

# Extract all URLs
mitmdump --set flow_detail=0 -s 'from mitmproxy import ctx; [print(f.request.url)]'
Back to Miscellaneous