MITMProxy

Description

mitmproxy is an SSL-capable man-in-the-middle HTTP proxy. It provides a console interface that allows traffic flows to be inspected and edited on the fly. Also shipped is mitmdump, the command-line version of mitmproxy, with the same functionality but without the frills. Think tcpdump for HTTP.

Usage

Syntax

mitmproxy [options]

Options

  -h, --help            show this help message and exit
  --version             show program's version number and exit
  -b ADDR               Address to bind proxy to (defaults to all interfaces)
  --anticache           Strip out request headers that might cause the server
                        to return 304-not-modified.
  --confdir CONFDIR     Configuration directory. (~/.mitmproxy)
  -e                    Show event log.
  -n                    Don't start a proxy server.
  -p PORT               Proxy service port.
  -P REVERSE_PROXY      Reverse proxy to upstream server:
                        http[s]://host[:port]
  -q                    Quiet.
  -r RFILE              Read flows from file.
  -s SCRIPT             Run a script.
  -t FILTER             Set sticky cookie filter. Matched against requests.
  -T                    Set transparent proxy mode.
  -u FILTER             Set sticky auth filter. Matched against requests.
  -v                    Increase verbosity. Can be passed multiple times.
  -w WFILE              Write flows to file.
  -z                    Try to convince servers to send us un-compressed data.
  -Z SIZE               Byte size limit of HTTP request and response bodies.
                        Understands k/m/g suffixes, i.e. 3m for 3 megabytes.
  --host                Use the Host header to construct URLs for display.
  --no-upstream-cert    Don't connect to upstream server to look up
                        certificate details.
  --debug
  --palette PALETTE     Select color palette: dark, light, solarized_dark,
                        solarized_light

Web App:
  -a                    Enable the mitmproxy web app.
  --appdomain domain    Domain to serve the app from.
  --appip ip            IP to serve the app from. Useful for transparent mode,
                        when a DNS entry for the app domain is not present.

Client Replay:
  -c PATH               Replay client requests from a saved file.

Server Replay:
  -S PATH               Replay server responses from a saved file.
  -k                    Kill extra requests during replay.
  --rheader RHEADERS    Request headers to be considered during replay. Can be
                        passed multiple times.
  --norefresh           Disable response refresh, which updates times in
                        cookies and headers for replayed responses.
  --no-pop              Disable response pop from response flow. This makes it
                        possible to replay same response multiple times.

Replacements:
  Replacements are of the form "/pattern/regex/replacement", where the
  separator can be any character. Please see the documentation for more
  information.

  --replace PATTERN     Replacement pattern.
  --replace-from-file PATH
                        Replacement pattern, where the replacement clause is a
                        path to a file.

Set Headers:
  Header specifications are of the form "/pattern/header/value", where the
  separator can be any character. Please see the documentation for more
  information.

  --setheader PATTERN   Header set pattern.

Proxy Authentication:
  Specify which users are allowed to access the proxy and the method used
  for authenticating them. These options are ignored if the proxy is in
  transparent or reverse proxy mode.

  --nonanonymous        Allow access to any user long as a credentials are
                        specified.
  --singleuser USER     Allows access to a a single user, specified in the
                        form username:password.
  --htpasswd PATH       Allow access to users specified in an Apache htpasswd
                        file.

SSL:
  --cert CERT           User-created SSL certificate file.
  --client-certs CLIENTCERTS
                        Client certificate directory.

Filters:
  See help in mitmproxy for filter expression syntax.

  -i INTERCEPT, --intercept INTERCEPT
                        Intercept filter expression.

Example

To Listen First Change Mozilla Proxy Settings to 127.0.0.1 and port 8080 (if you are using default port)

cyborg@cyborg:~$ sudo mitmproxy

mitmproxy MITMProxy

0 Comments

Leave a reply

CONTACT US

We're are building as a community and a team. Be a part of it.

Sending

©2017 Ztrela Knowledge Solutions Pvt. Ltd

Log in with your credentials

Forgot your details?