node-http-mitm-proxy - HTTP Man In The Middle (MITM) Proxy

  •        43

HTTP Man In The Middle (MITM) Proxy written in node.js. Supports capturing and modifying the request and response data. type definitions are now included in this project, no extra steps required.

https://github.com/joeferner/node-http-mitm-proxy

Dependencies:

async : ^2.5.0
mkdirp : ^0.5.1
node-forge : ^0.7.1
optimist : ^0.6.1
semaphore : ^1.1.0
ws : ^3.2.0

Tags
Implementation
License
Platform

   




Related Projects

rocky - Full-featured, middleware-oriented, programmatic HTTP and WebSocket proxy for node.js

  •    Javascript

A multipurpose, full-featured, middleware-oriented and hackable HTTP/S and WebSocket proxy with powerful built-in features such as versatile routing layer, traffic interceptor and replay to multiple backends, built-in balancer, traffic retry/backoff logic, hierarchical configuration, among others. Built for node.js/io.js.rocky can be fluently used programmatically or via command-line interface. It's framework agnostic, but you can optionally plug in with connect/express apps.

hyperfox - HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation.

  •    Go

Hyperfox is a security tool for proxying and recording HTTP and HTTPs communications on a LAN. Hyperfox is capable of forging SSL certificates on the fly if you provide it with a root CA certificate and its corresponding key. If the target machine recognizes the root CA as trusted, then HTTPs traffic can be successfully decrypted, intercepted and recorded.

toxy - Hackable HTTP proxy for resiliency testing and simulated network conditions

  •    Javascript

Hackable HTTP proxy to simulate server failure scenarios, resiliency and unexpected network conditions, built for node.js.It was mainly designed for failure resistance testing, when toxy becomes particularly useful in order to cover fault tolerance and resiliency capabilities of a system, especially in disruption-tolerant networks and service-oriented architectures, where toxy may act as MitM proxy among services in order to inject failure.

goproxy - Proxy is a high performance HTTP(S), websocket, TCP, UDP,Secure DNS, Socks5 proxy server implemented by golang

  •    Go

Pull Request is welcomed. First, you need to clone the project to your account, and then modify the code on the dev branch. Finally, Pull Request to dev branch of goproxy project, and contribute code for efficiency. PR needs to explain what changes have been made and why you change them. This page is the v6.0 manual, and the other version of the manual can be checked by the following link.

pokemon-go-mitm - 🎁 Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go app and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience on the fly

  •    CoffeeScript

Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.


mitmproxy - Intercept HTTP traffic for penetration testing

  •    Python

mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy.

nuster - A web caching proxy server based on HAProxy

  •    C

Nuster is a simple yet powerful web caching proxy server based on HAProxy. It is 100% compatible with HAProxy, and takes full advantage of the ACL functionality of HAProxy to provide fine-grained caching policy based on the content of request, response or server status. Nuster is very fast, some test shows nuster is almost three times faster than nginx when both using single core, and nearly two times faster than nginx and three times faster than varnish when using all cores.

Pavuk

  •    C

Pavuk is a UNIX program used to mirror the contents of WWW documents or files. It transfers documents from HTTP, FTP, Gopher and optionally from HTTPS (HTTP over SSL) servers. Pavuk has an optional GUI based on the GTK2 widget set.

https-proxy

  •    

https-proxy is an small application which acts as an proxy which redirets local http connections to https connections. with this util you can do http over ssl with non-ssl browsers. also an small java url handler class is inclueded, which allows h

hoverfly - Lightweight service virtualization/API simulation tool for developers and testers

  •    Go

Hoverfly is a lightweight, open source API simulation tool. Using Hoverfly, you can create realistic simulations of the APIs your application depends on. Hoverfly is developed and maintained by SpectoLabs.

bettercap - A complete, modular, portable and easily extensible MITM framework.

  •    Ruby

bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack. All dependencies will be automatically installed through the RubyGems system but in some cases you might need to install some system dependency in order to make everything work.

zan-proxy - An extensible proxy for PC/Mobile/APP developer

  •    Vue

Zan Proxy is an HTTP proxy server written in Node.js, which can be used to modify requests and mock reponse data. It is also a tool for custom DNS resolving and requests monitoring. The proxy server can be easily configured by a user-friendly interface. In addition, a mechanism is provided for developers to customize the behavior of the server. The website for management will be opened automatically.

node-mitm - Intercept and mock outgoing Node

  •    Javascript

Mitm.js is a library for Node.js (and Io.js) to intercept and mock outgoing network TCP and HTTP connections. Mitm.js intercepts and gives you a Net.Socket to communicate as if you were the remote server. For HTTP requests it even gives you Http.IncomingMessage and Http.ServerResponse — just like you're used to when writing Node.js servers. Except there's no actual server running, it's all just In-Process Interception™. Intercepting connections and requests is extremely useful to test and ensure your code does what you expect. Assert on request parameters and send back various responses to your code without ever having to hit the real network. Fast as hell and a lot easier to develop with than external test servers.

whistle - HTTP, HTTPS, WebSocket debugging proxy

  •    Javascript

whistle is a cross-platform web debugging tool based on Node.js. If the aboves can't satisfy your requirements, you can also use plugins to extend its capabilities.

nginx-websocket-proxy - nginx WebSocket Proxy

  •    

As of version 1.4, nginx is capable of forwarding WebSocket requests, so it can be used as a reverse proxy for HTTP, HTTPS, WS and WSS. Here are some simple example configuration snippets for WebSocket forwarding in nginx.

OpenLiteSpeed - High performance, lightweight, HTTP server

  •    C++

OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. It is event driven and it can handle hundreds of thousands of concurrent connections without load spikes.

tinyproxy - tinyproxy - a light-weight HTTP/HTTPS proxy daemon for POSIX operating systems

  •    C

Tinyproxy is a small, efficient HTTP/SSL proxy daemon released under the GNU General Public License. Tinyproxy is very useful in a small network setting, where a larger proxy would either be too resource intensive, or a security risk. One of the key features of Tinyproxy is the buffering connection concept. In effect, Tinyproxy will buffer a high speed response from a server, and then relay it to a client at the highest speed the client will accept. This feature greatly reduces the problems with sluggishness on the Internet. If you are sharing an Internet connection with a small network, and you only want to allow HTTP requests to be allowed, then Tinyproxy is a great tool for the network administrator. For more info, please visit the Tinyproxy web site.

Nginx - HTTP and reverse proxy server

  •    C

Nginx [engine x] is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. It supports accelerated reverse proxying with caching, simple load balancing and fault tolerance, SSL and TLS SNI support, Name-based and IP-based virtual servers and lot more.

curl - A command line tool and library for transferring data with URL syntax, supporting HTTP, HTTPS, FTP, FTPS, GOPHER, TFTP, SCP, SFTP, SMB, TELNET, DICT, LDAP, LDAPS, FILE, IMAP, SMTP, POP3, RTSP and RTMP

  •    C

curl is used in command lines or scripts to transfer data. It is also used in cars, television sets, routers, printers, audio equipment, mobile phones, tablets, settop boxes, media players and is the internet transfer backbone for thousands of software applications affecting billions of humans daily.

ssh-mitm - SSH man-in-the-middle tool

  •    Shell

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on.