An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Go to file
Aldo Cortesi 00942c1431 Add upstream certificate lookup.
This initiates a connection to the server to obtain certificate information to
generate interception certificates. At the moment, the information used is the
Common Name, and the list of Subject Alternative Names.
2012-02-27 15:05:45 +13:00
doc-src Crush PNGs in docs. 2012-02-25 14:45:00 +13:00
examples Add two more examples: dup_and_replay.py and modify_querystring.py 2012-02-23 15:43:04 +13:00
libmproxy Add upstream certificate lookup. 2012-02-27 15:05:45 +13:00
scripts Add a script to generate a contributors list, and use it to make a CONTRIBUTORS file. 2011-03-19 20:34:53 +13:00
test Add upstream certificate lookup. 2012-02-27 15:05:45 +13:00
.gitignore Simple record & playback functionality 2011-02-10 02:59:51 +01:00
CHANGELOG Confirm when we clear a request body to add a form. 2012-02-23 16:27:08 +13:00
CONTRIBUTORS Crush PNGs in docs. 2012-02-25 14:45:00 +13:00
LICENSE Add an "SSL exception" to the license. 2011-06-02 10:43:11 +12:00
MANIFEST.in Add README.txt for PyPi. 2012-02-25 13:16:30 +13:00
README.mkd Add README.txt for PyPi. 2012-02-25 13:16:30 +13:00
README.txt Improve README.txt legibility, add some trove classifiers. 2012-02-25 13:36:08 +13:00
mitmdump Address an issue that allows a malicious client to place certificate files in arbitrary directories. 2012-01-21 14:26:36 +13:00
mitmproxy Refactor console. 2012-02-07 16:39:37 +13:00
setup.py Improve README.txt legibility, add some trove classifiers. 2012-02-25 13:36:08 +13:00
todo Start preparing for 0.7 2012-02-19 22:43:05 +13:00

README.txt

**mitmproxy** is an SSL-capable man-in-the-middle proxy for HTTP. It provides a
console interface that allows traffic flows to be inspected and edited on the
fly.

**mitmdump** is the command-line version of mitmproxy, with the same
functionality but without the user interface. Think tcpdump for HTTP.

Complete documentation and a set of practical tutorials is included in the
distribution package, and is also available at mitmproxy.org_.


Features
--------

- Intercept HTTP requests and responses and modify them on the fly.
- Save complete HTTP conversations for later replay and analysis.
- Replay the client-side of an HTTP conversations.
- Replay HTTP responses of a previously recorded server.
- Reverse proxy mode to forward traffic to a specified server.
- Make scripted changes to HTTP traffic using Python. 
- SSL certificates for interception are generated on the fly.


Download
--------

Releases and rendered documentation can be found on the mitmproxy website:

mitmproxy.org_

Source is hosted on github: 

`github.com/cortesi/mitmproxy`_


Community
---------

Come join us in the #mitmproxy channel on the OFTC IRC network
(irc://irc.oftc.net:6667).

We also have a mailing list, hosted here:

http://groups.google.com/group/mitmproxy


Requirements
------------

* Python_ 2.6.x or 2.7.x.
* openssl_ - installed by default on most systems.
* urwid_  version 0.9.8 or newer.
* The test suite uses the pry_ unit testing
  library.
* Rendering the documentation requires countershape_.

**mitmproxy** is tested and developed on OSX, Linux and OpenBSD. 

You should also make sure that your console environment is set up with the
following: 
    
* EDITOR environment variable to determine the external editor.
* PAGER environment variable to determine the external pager.
* Appropriate entries in your mailcap files to determine external
  viewers for request and response contents.

.. _mitmproxy.org: http://mitmproxy.org
.. _github.com/cortesi/mitmproxy: http://github.com/cortesi/mitmproxy
.. _python: http://www.python.org
.. _openssl: http://www.openssl.org/
.. _urwid: http://excess.org/urwid/
.. _pry: http://github.com/cortesi/pry
.. _countershape: http://github.com/cortesi/countershape