Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Session store #2175
Having sessions in mitmproxy so that one can resume the work from where they left.
Once this is in place we can work on implementing higher-level functionality like security scanners, reconnaissance tools and end-point discovery mechanisms.
Let's flesh out this proposal somewhat. A rough outline of what I have in mind here:
A session is a mutable data store that can be accessed by addons and by the mitmproxy core.
Addons can add add and read annotations to flows using the flow unique identifier. So a security analysis addon can add notes to a flow that might then be shown to uses, or indeed used by other addons. I think we can be relaxed about the structure of these annotations to begin with, and firm things up by convention alter on.
This is also the right place to add user annotations, which we've wanted in our interface for a long time.
The session should contain a store of the current invocation options, so the user can easily start up where they left off.
The session contains an on-disk flow dump that is a complete immutable record of all flows that occurred during the session. This has a number of effects:
Each session is a directory containing a mitmdump and a storage file. The storage file is a SQLite database (or similar) that contains all the auxiliary data. The interface presented to addons and the mitmproxy core should be light-weight and storage agnostic.