mitmproxy Cheatsheet

mitmproxy Cheatsheet¶

Overview¶

mitmproxy is a free and open-source interactive man-in-the-middle proxy for HTTP and HTTPS. It allows you to intercept, inspect, modify, and replay web traffic.

Key Features¶

Interactive Console: A powerful and interactive console for inspecting and manipulating traffic.
SSL/TLS Interception: Can intercept and decrypt SSL/TLS traffic.
Scripting: Can be scripted with Python to automate tasks.
Web Interface: A web-based interface for inspecting and manipulating traffic.
Transparent Proxy: Can be used as a transparent proxy.

Installation¶

pip install mitmproxy

Tools¶

mitmproxy: An interactive console that allows you to inspect and modify traffic on the fly.
mitmweb: A web-based interface for mitmproxy.
mitmdump: A command-line tool that allows you to script mitmproxy.

Getting Started¶

Start mitmproxy:
```
mitmproxy
```
Configure Your Browser: Configure your browser to use mitmproxy as a proxy (usually localhost:8080).
Install the Certificate: Install the mitmproxy certificate authority to intercept SSL/TLS traffic. Navigate to http://mitm.it in your browser and follow the instructions.
Start Intercepting: You should now see traffic flowing through the mitmproxy console.

Keyboard Shortcuts (mitmproxy console)¶

?: Help
q: Quit
j, k: Down, Up
Enter: View flow details
e: Edit flow
a: Accept modified flow
d: Delete flow
r: Replay flow

Scripting¶

mitmproxy can be scripted with Python to automate tasks.

Example Script (save as script.py):

from mitmproxy import http

def request(flow: http.HTTPFlow) -> None:
    flow.request.headers["User-Agent"] = "MyCustomUserAgent"

Run with mitmdump:

mitmdump -s script.py

Common Use Cases¶

Security Testing: Intercept and modify traffic to test for vulnerabilities.
Penetration Testing: Analyze the security of web applications.
Reverse Engineering: Understand how web applications work.
Debugging: Debug web applications by inspecting the traffic.