How to set up mitmproxy for debugging an iOS app?

Install the mitmproxy CA certificate on your iOS device via a profile, configure the HTTP proxy in Wi-Fi settings, and ensure the app trusts user-installed certificates. The official docs provide step-by-step guides for platform-specific setup.

mitmproxy vs Burp Suite for security testing?

mitmproxy is free and open-source with strong scripting and customization for hands-on analysis, while Burp Suite offers more GUI features and automated scanning in its paid version. Choose mitmproxy for cost-effective, programmable interception or Burp for comprehensive, out-of-the-box auditing tools.

Can mitmproxy handle HTTP/2 traffic interception?

Yes, mitmproxy fully supports HTTP/2 along with HTTP/1 and WebSockets, allowing decryption and manipulation of modern web traffic. This is explicitly stated in the README's feature list for protocol coverage.

How to replay recorded traffic with mitmdump?

Use the `mitmdump -r` command to load a saved flow file and replay requests, optionally with scripts to modify responses. The documentation includes examples for automating traffic replay in testing scenarios.

Is mitmproxy safe to use on production systems?

mitmproxy is designed for debugging and testing, not production monitoring; it can introduce performance overhead and security risks if misconfigured. Always use it in controlled environments to avoid interfering with live traffic.

How to write a custom filter for mitmproxy traffic?

Create a Python script using the mitmproxy addon API to hook into events like `request` or `response`, then filter based on criteria like URLs or headers. The contrib repository has examples for common use cases.

Open-Awesome

mitmproxy

MITPythonv12.2.3

An interactive TLS-capable intercepting HTTP proxy for penetration testing and software development.

Visit Website GitHub

43.8k stars4.6k forks0 contributors

What is mitmproxy?

mitmproxy is an interactive, TLS-capable intercepting HTTP proxy that allows users to inspect, modify, and debug HTTP/1, HTTP/2, and WebSocket traffic. It solves the problem of analyzing encrypted network communications by providing tools to intercept and decrypt HTTPS traffic for security testing and development purposes.

Target Audience

Penetration testers, security researchers, and software developers who need to analyze and manipulate HTTP traffic for debugging, security assessment, or protocol development.

Value Proposition

Developers choose mitmproxy for its comprehensive feature set including TLS interception, multiple interface options, and support for modern web protocols, all available as free, open-source tools with an active community.

Overview

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Use Cases

Best For

Debugging HTTPS API calls in mobile or web applications
Security testing of web applications by intercepting and modifying requests
Analyzing network traffic patterns for performance optimization
Testing how applications handle malicious or malformed HTTP traffic
Educational purposes to understand HTTP protocol mechanics
Automating traffic manipulation through scripting and plugins

Not Ideal For

Environments requiring analysis of non-HTTP protocols like SMTP or FTP
Teams with strict security policies that prevent installing custom CA certificates
High-throughput production monitoring where performance and scalability are critical
Projects needing a drag-and-drop GUI for quick, visual network analysis

Pros & Cons

Pros

Interactive Console Interface

Provides a keyboard-driven console for real-time inspection and manipulation of HTTP traffic, allowing rapid debugging without leaving the terminal, as emphasized in the README's feature list.

SSL/TLS Interception

Decrypts HTTPS traffic by generating a custom CA certificate, enabling detailed analysis of encrypted communications for security testing, a core capability highlighted in the project description.

Multiple Interface Options

Offers console (mitmproxy), command-line (mitmdump), and web-based (mitmweb) interfaces, catering to different workflow preferences, as detailed in the README's overview of tools.

Traffic Recording & Replay

Allows capturing network sessions to files and replaying them later, useful for regression testing and scenario-based analysis, a key feature mentioned in the extracted information.

Cons

Certificate Setup Complexity

Intercepting SSL/TLS requires installing and trusting a custom CA certificate, which can be cumbersome on mobile devices or in restricted environments, adding overhead for initial setup.

Limited Protocol Support

Focused solely on HTTP/1, HTTP/2, and WebSockets; lacks native support for other modern protocols like gRPC or MQTT, restricting its utility for broader network analysis.

Steep Scripting Learning Curve

While extensible via Python scripts, writing custom addons requires knowledge of mitmproxy's API and programming skills, which may deter users seeking plug-and-play solutions.

Frequently Asked Questions

Related Projects

PyTorch - Tensors and Dynamic neural networks in Python with strong GPU acceleration

Tensors and Dynamic neural networks in Python with strong GPU acceleration

Stars100,590

Forks27,963

Last commit19 hours ago

FastAPI

FastAPI framework, high performance, easy to learn, fast to code, ready for production

Stars99,018

Forks9,408

Last commit3 days ago

ansible

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to cloud management, in a language that approaches plain English, using SSH, with no agents to install on remote systems. https://docs.ansible.com.

Stars68,816

Forks24,141