A transparent Http/Https proxy made in Go that intercepts and optionaly modifies outgoing requests/ incoming responses. Currently supports only OSX since it uses pf for intercepting traffic.
While developing or reverse engineering web services, it's very useful to be able to see the incoming/outgoing traffic and have the ability to edit both. It's even more useful if you can programmaticaly alter them via code and do all that transparently to the 2 sides of communication. Currently and to my knowledge there isn't a library/software that does ALL of the above, so I decided to make one.
between uses pf to intercept all incoming and outgoing traffic. It will then filter out http and https requests and responses and will run user defined functions to edit them in any way possible. When between exits it deactivates pf and restores network connectivity.
- deface is a fun little demo app that sniffs out all incoming images, performs face detection, and replaces faces with the 'rage guy'. See how it looks below: :-p
Currently between has 2 limitations:
- Needs to run as root. This is for 2 reasons:
- To be able to manipulate pf so it's intercepting all traffic. A different user can be used if permissions on pfctl are set.
- To exclude requests made from between from being intercepted again. Right now there is a pf rule that prevents traffic from root from being intercepted. A different user could be used for this reason too.
- Works only in OSX since it's using pf magic for interception. FreeBSD might work too but hasnt been tested.
There are many alternatives that achieve some of between's functionality but none was satisfying everything mentioned on the Why section.
- Browser Plugins (Chrome DevTools, Firebug, TamperData etc): Works great for reviewing requests/responses but editing them is impossible/very limited.
- Charles Proxy: Great proxy with ton of functionality. It's difficult (impossible?) to programmaticaly modify requests/responses in an arbitrary way.