HoneyProxy is a lightweight man-in-the-middle proxy that helps you analyze HTTP(S) traffic flows. It is tailored to the needs of security researchers and allows both real-time and log analysis. Being compatible with mitmproxy, it focuses on features that are useful in a forensic context and allows extended visualization capabilites.
HoneyProxy is developed as a HTML5 browser-based application working on top of a logging core written in Python. It is primarily developed by Maximilian Hils and mentored by Guillaume Arcas as part of the Honeynet Google Summer of Code 2012 project.
HoneyProxy has grown steadily over the last months and is considered to be stable now. While there are still some features missing, HoneyProxy is already a nice open source alternative to other proxies such as BURP. Below you can see a screenshot of the current status.
We love to hear from your experience with HoneyProxy. If you have any feature suggestions, please get in touch :)
Download the latest release or clone the git repo:
git clone --recursive git://github.com/mhils/HoneyProxy.git.
Install all dependencies:
pip install pyOpenSSL pyasn1 Twisted Autobahn
To start HoneyProxy, just run
python honeyproxy.py or
python honeyproxy.py --help. If you don't use a modern browser, a kitten will die. We currently support both Firefox and Chrome!
Most command line parameters are documented in the mitmproxy docs.
- Python 2.6.x or 2.7.x.
- pyOpenSSL 0.12 or newer.
- pyasn1 0.1.2 or newer.
- Twisted 12.0 or newer.
- Autobahn 0.5.2 or newer.
Anyone and everyone is welcome to contribute. If you have any questions, feel free to ping me directly or open a ticket at GitHub. I'll try to answer as soon as possible.