Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
An interactive SSL-capable intercepting HTTP proxy for penetration testers and software developers
Python CSS Other

Fetching latest commit…

Cannot retrieve the latest commit at this time

Failed to load latest commit information.
doc-src
examples
libmproxy
scripts
test
.gitignore
CHANGELOG
CONTRIBUTORS
LICENSE
MANIFEST.in
README.mkd
mitmdump
mitmproxy
setup.py
todo

README.mkd

mitmproxy is an SSL-capable, intercepting HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

mitmdump is the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.

Both tools are fully documentented in the commandline --help flag, and, in the case of mitmproxy, a built-in help page accessible through the ? keyboard shortcut.

Capabilities

  • Intercept HTTP requests and responses and modify them on the fly.
  • Save complete HTTP conversations for later replay and analysis.
  • Replay the client-side of an HTTP conversations.
  • Replay HTTP responses of a previously recorded server.
  • Make scripted changes to HTTP traffic using Python.
  • SSL certificates for interception are generated on the fly.

Download

Releases and rendered documentation can be found on the mitmproxy website:

mitmproxy.org

Source is hosted on github:

github.com/cortesi/mitmproxy

Requirements

  • Python 2.6.x or 2.7.x.
  • openssl. Installed by default on most systems.
  • urwid version 0.9.8 or newer.
  • The test suite uses the pry unit testing library.
  • Rendering the documentation requires countershape.

mitmproxy is tested and developed on OSX, Linux and OpenBSD.

You should also make sure that your console environment is set up with the following:

  • EDITOR environment variable to determine the external editor.
  • PAGER environment variable to determine the external pager.
  • Appropriate entries in your mailcap files to determine external viewers for request and response contents.
Something went wrong with that request. Please try again.