Stack Overflow
Stack Overflow

Questions tagged [mitmproxy]

mitmproxy is an interactive console tool that allows network traffic to be inspected and edited on the fly.

Its features include:

  • Intercept HTTP/HTTPS requests and responses and modify them on the fly.
  • Save complete HTTP/HTTPS conversations for later replay and analysis.
  • Replay the client-side of an HTTP/HTTPS conversations.
  • Replay HTTP/HTTPS responses of a previously recorded server.
  • Reverse proxy mode to forward traffic to a specified server.
  • Transparent proxy mode on OSX and Linux.
  • Make scripted changes to HTTP/HTTPS traffic using Python.
  • SSL certificates for interception are generated on the fly.

Project Homepage

441 questions
3
votes
0 answers

Use mitmproxy to serve responses from disk

I am trying to capture a HLS Download to my hard drive and then serve the same HLS download from my hard drive. I'm trying to do this with a python addon that looks as follows. In essence I write the response to file it if matches my criteria. Then…
Idr
  • 6,000
  • 6
  • 34
  • 49
3
votes
2 answers

MITM attack reported on deprecated NSURLConnectionDelegate

I have an Objective-C project whose .ipa was tested with this tool online: https://www.immuniweb.com/mobile It reports that my app has a high risk security issue, pointing to the canAuthenticateAgainstProtectionSpace in the NSURLConnectionDelegate…
nr5
  • 4,228
  • 8
  • 42
  • 82
3
votes
0 answers

Mitmproxy not working with snapchat or instagram

So if I use mitmproxy on my mac and then connect to the proxy on my phone and install the certificate, I can inspect traffic from some apps like firefox, crossy road, etc. So it is definitely working. However, when I try to open Snapchat or…
Evan
  • 41
  • 7
3
votes
1 answer

Mitm proxy with certificate pinned application

I am trying to simulate MITM attack over signal's android messaging application. It's open source, so I put the mitmproxy-ca-cert.pem in android application for pinning and in the mobile trusted certificates too. I am still not getting any query to…
tarun14110
  • 940
  • 5
  • 26
  • 57
3
votes
3 answers

mitmproxy & python - ignore all hosts with https/ssl

I've done alot of research, and I can't find anything which actually solves my issue. Since basically no site accepts mitmdumps certificate for https, I want to ignore those hosts. I can access a specific website with "--ignore-hosts (ip)" like…
Eclipsum
  • 73
  • 1
  • 6
3
votes
1 answer

How to access website running locally with custom domain & SSL on mobile phone?

I have a WordPress (WP) blog running locally on my machine (OSX). The WP Site URL setting is set to https://abc.dev and I can access the site without any problem on my machine's browser. Visually, it looks like this: The WP site running on port 443…
Zulhilmi Zainudin
  • 9,017
  • 12
  • 62
  • 98
3
votes
1 answer

Mitmproxy, push own WebSocket message

I inspect a HTTPS WebSocket traffic with Mitmproxy. Currently I can read/edit WS messages with: class Intercept: def websocket_message(self, flow): print(flow.messages[-1]) def start(): return Intercept() .. as attached script to…
Alexey
  • 2,582
  • 3
  • 13
  • 31
3
votes
1 answer

How to install mitmproxy certificates in fedora 25 system?

I have fedora 25. I read this article - http://docs.mitmproxy.org/en/stable/certinstall.html#certinstall, but information for fedora is not exists. How to install mitmproxy certificates for fedora 25?
synacker
  • 1,722
  • 13
  • 32
3
votes
1 answer

Exit mitmdump from a python script

How can I exit mitmpdump command from a script? Tried sys.exit(0) but it doesn't finish the process mitmpdump, it only stops filtering. This is my script """ This script adds a filter. Usage: mitmdump -s "script.py" """ import sys from mitmproxy…
Jorge Sampayo
  • 838
  • 9
  • 24
3
votes
1 answer

How to use OWASP ZAP for MiTM attack on Android?

I know that I have not handled MiTM in my Android application and it might be vulnerable. I want to test scenario by connecting my Android phone via proxy (my laptop) and using any possible tools to check for MiTM attack.
Hussain Mansoor
  • 2,934
  • 2
  • 27
  • 40
3
votes
1 answer

How to re-order HTTP headers?

I was wondering if there was any way to re-order HTTP headers that are being sent by our browser, before getting sent back to the web server? Since the order of the headers leaves some kind of "fingerprinting", see this post and this post, I was…
Tux
  • 51
  • 6
3
votes
0 answers

Dump to file Https decrypted traffic

How can I dump to file, using mitmdump or mitmproxy, the decrypted https traffic ? Also is it possible to write on a file only a traffic come from to a particular ip address ?
famedoro
  • 1,223
  • 2
  • 17
  • 41
3
votes
2 answers

how to send traffic from mitmproxy to another proxy server

I have a need to redirect mitmproxy to another proxy server. Let say an example. Browser -> mitmproxy -> fiddler Browser proxy was set to 8089 mitmproxy is running on 8089 fiddler listening on 8090 now how can i do proxy forward mitmproxy using…
user2366330
  • 55
  • 2
  • 6
3
votes
0 answers

How to use MITMPROXY to replicate Charles' Map Remote feature

I'm trying to replicate the functionality provided by the Map Remote feature in Charles using MITMPROXY on OS X 10.9. What I want to do is replace any request for desiredurl.com with a request for desiredurl.ca (I'm open to any answer which tells me…
John Coxon
  • 570
  • 1
  • 3
  • 15
2
votes
0 answers

use mitmproxy how to get response data in python code like Browsermob-Proxy method with out alternative file or database

I have completed a tiny selenium spider project with Browsermob-Proxy, but the Browsermob-Proxy written by java, I need to package whole project file into a single executable file, but use Browsermob-Proxy is unavailable job! So I plan use mitmproxy…
summer desire
  • 21
  • 4
1 2 3
29 30