An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Python JavaScript CSS HTML Shell Dockerfile
cortesi Merge pull request #3245 from madt1m/protobuf-serialization-clean
Shifting to Protobuf Serialization - Cleaned
Latest commit ec092fd Jul 21, 2018
Permalink
Failed to load latest commit information.
docker Dockerfile for Raspberry Pi 3 Jun 5, 2018
docs Merge pull request #3186 from andersonvom/master Jul 10, 2018
examples Merge pull request #3186 from andersonvom/master Jul 10, 2018
mitmproxy Merge pull request #3245 from madt1m/protobuf-serialization-clean Jul 21, 2018
pathod fix Python 3.6 variable type annotations #3053 Apr 14, 2018
release Merge pull request #3207 from cortesi/postrelease Jun 16, 2018
test Merge pull request #3245 from madt1m/protobuf-serialization-clean Jul 21, 2018
web update compiled mitmweb assets Jun 15, 2018
.appveyor.yml Such CI, Very Wow. (#3182) Jun 2, 2018
.codecov.yml hide codecov.yml Jun 16, 2016
.gitattributes ignore compiled mitmweb JS code Feb 15, 2017
.gitignore protobuf: tests implemented, full coverage Jul 17, 2018
.landscape.yml fix .landscape.yml Feb 18, 2016
.travis.yml Merge pull request #3188 from Kriechi/py36-check Jun 14, 2018
CHANGELOG CHANGELOG, release/README updates Jun 16, 2018
LICENSE merge metadata files Feb 15, 2016
MANIFEST.in Revert "Remove MANIFEST.in" May 17, 2018
README.rst fix appveyor link in README May 29, 2018
dev.ps1 Update dev.ps1 Mar 31, 2018
dev.sh always use 'venv' as virtualenv folder Jan 29, 2017
issue_template.md re-add discourse link in issue template Oct 25, 2017
requirements.txt fix requirements May 26, 2017
setup.cfg protobuf: tests implemented, full coverage Jul 17, 2018
setup.py protobuf: tests implemented, full coverage Jul 17, 2018
tox.ini fix syntax-error on older python interpreters Jun 8, 2018

README.rst

mitmproxy

Travis Build Status Appveyor Build Status Coverage Status Latest Version Supported Python versions

This repository contains the mitmproxy and pathod projects.

mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface.

mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

mitmweb is a web-based interface for mitmproxy.

pathoc and pathod are perverse HTTP client and server applications designed to let you craft almost any conceivable HTTP request, including ones that creatively violate the standards.

Documentation & Help

General information, tutorials, and precompiled binaries can be found on the mitmproxy and pathod websites.

mitmproxy.org

The documentation for mitmproxy is available on our website:

mitmproxy documentation stable mitmproxy documentation master

Join our discussion forum on Discourse to ask questions, help each other solve problems, and come up with new ideas for the project.

Discourse: mitmproxy

Join our developer chat on Slack if you would like to contribute to mitmproxy itself.

Slack Developer Chat

Installation

The installation instructions are here. If you want to contribute changes, keep on reading.

Contributing

As an open source project, mitmproxy welcomes contributions of all forms. If you would like to bring the project forward, please consider contributing in the following areas:

  • Maintenance: We are incredibly thankful for individuals who are stepping up and helping with maintenance. This includes (but is not limited to) triaging issues, reviewing pull requests and picking up stale ones, helping out other users in our forums, creating minimal, complete and verifiable examples or test cases for existing bug reports, updating documentation, or fixing minor bugs that have recently been reported.
  • Code Contributions: We actively mark issues that we consider are good first contributions. If you intend to work on a larger contribution to the project, please come talk to us first.

Development Setup

To get started hacking on mitmproxy, please follow the advanced installation steps to install mitmproxy from source, but stop right before running pip3 install mitmproxy. Instead, do the following:

git clone https://github.com/mitmproxy/mitmproxy.git
cd mitmproxy
./dev.sh  # "powershell .\dev.ps1" on Windows

The dev script will create a virtualenv environment in a directory called "venv" and install all mandatory and optional dependencies into it. The primary mitmproxy components - mitmproxy and pathod - are installed as "editable", so any changes to the source in the repository will be reflected live in the virtualenv.

The main executables for the project - mitmdump, mitmproxy, mitmweb, pathod, and pathoc - are all created within the virtualenv. After activating the virtualenv, they will be on your $PATH, and you can run them like any other command:

. venv/bin/activate  # "venv\Scripts\activate" on Windows
mitmdump --version

Testing

If you've followed the procedure above, you already have all the development requirements installed, and you can run the full test suite (including tests for code style and documentation) with tox:

tox

To run complete tests with a full coverage report, you can use the following command:

tox -- --verbose --cov-report=term

For speedier testing, we recommend you run pytest directly on individual test files or folders:

cd test/mitmproxy/addons
pytest --cov mitmproxy.addons.anticache --looponfail test_anticache.py

As pytest does not check the code style, you probably want to run tox -e lint before committing your changes.

Please ensure that all patches are accompanied by matching changes in the test suite. The project tries to maintain 100% test coverage and enforces this strictly for some parts of the codebase.

Documentation

The following tools are required to build the mitmproxy docs:

cd docs
yarn
modd

Code Style

Keeping to a consistent code style throughout the project makes it easier to contribute and collaborate. Please stick to the guidelines in PEP8 and the Google Style Guide unless there's a very good reason not to.

This is automatically enforced on every PR. If we detect a linting error, the PR checks will fail and block merging. You can run our lint checks yourself with the following command:

tox -e lint