mitmproxy - Intercept HTTP traffic for penetration testing

  •        988

mitmproxy is an interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers. mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy.

https://mitmproxy.org/
https://github.com/mitmproxy/mitmproxy

Tags
Implementation
License
Platform

   




Related Projects

SSLsplit - Transparent SSL/TLS interception

  •    C

SSLsplit is a tool for man-in-the-middle attacks against SSL/TLS encrypted network connections. It is intended to be useful for network forensics, application security analysis and penetration testing. SSLsplit is designed to transparently terminate connections that are redirected to it using a network address translation engine. SSLsplit then terminates SSL/TLS and initiates a new SSL/TLS connection to the original destination address, while logging all data transmitted.

node-http-mitm-proxy - HTTP Man In The Middle (MITM) Proxy

  •    Javascript

HTTP Man In The Middle (MITM) Proxy written in node.js. Supports capturing and modifying the request and response data. type definitions are now included in this project, no extra steps required.

Nginx - HTTP and reverse proxy server

  •    C

Nginx [engine x] is an HTTP and reverse proxy server, as well as a mail proxy server, written by Igor Sysoev. It supports accelerated reverse proxying with caching, simple load balancing and fault tolerance, SSL and TLS SNI support, Name-based and IP-based virtual servers and lot more.

goproxy - Proxy is a high performance HTTP(S), websocket, TCP, UDP,Secure DNS, Socks5 proxy server implemented by golang

  •    Go

Pull Request is welcomed. First, you need to clone the project to your account, and then modify the code on the dev branch. Finally, Pull Request to dev branch of goproxy project, and contribute code for efficiency. PR needs to explain what changes have been made and why you change them. This page is the v6.0 manual, and the other version of the manual can be checked by the following link.


ssh-mitm - SSH man-in-the-middle tool

  •    Shell

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on.

proxify - Swiss Army knife Proxy tool for HTTP/HTTPS traffic capture, manipulation, and replay on the go

  •    Go

Swiss Army Knife Proxy for rapid deployments. Supports multiple operations such as request/response dump, filtering and manipulation via DSL language, upstream HTTP/Socks5 proxy. Additionally a replay utility allows to import the dumped traffic (request/responses with correct domain name) into burp or any other proxy by simply setting the upstream proxy to proxify. This will display help for the tool. Here are all the switches it supports.

ghostunnel - A simple SSL/TLS proxy with mutual authentication for securing non-TLS services

  •    Go

Ghostunnel is a simple TLS proxy with mutual authentication support for securing non-TLS backend applications.Ghostunnel supports two modes, client mode and server mode. Ghostunnel in server mode runs in front of a backend server and accepts TLS-secured connections, which are then proxied to the (insecure) backend. A backend can be a TCP domain/port or a UNIX domain socket. Ghostunnel in client mode accepts (insecure) connections through a TCP or UNIX domain socket and proxies them to a TLS-secured service. In other words, ghostunnel is a replacement for stunnel.

node-http-proxy - A full-featured http proxy for NodeJS

  •    Javascript

node-http-proxy is an HTTP programmable proxying library that supports websockets. It is suitable for implementing components such as reverse proxies and load balancers. When a request is proxied it follows two different pipelines, The first pipeline (incoming) is responsible for the creation and manipulation of the stream that connects your client to the target. The second pipeline (outgoing) is responsible for the creation and manipulation of the stream that, from your target, returns data to the client.

pokemon-go-mitm - 🎁 Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go app and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience on the fly

  •    CoffeeScript

Pokemon Go MITM Proxy - Intercepts the traffic between your Pokemon Go App and their servers, decodes the protocol and gives you a handy tool to enrich your own game experience by altering the data on the fly.

evilginx - PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

  •    Python

Evilginx is a man-in-the-middle attack framework used for phishing credentials and session cookies of any web service. It's core runs on Nginx HTTP server, which utilizes proxy_pass and sub_filter to proxy and modify HTTP content, while intercepting traffic between client and server. I am aware that Evilginx can be used for very nefarious purposes. This work is merely a demonstration of what adept attackers can do. It is the defender's responsibility to take such attacks into consideration, when setting up defenses, and find ways to protect against this phishing method. Evilginx should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.

Kong - The Microservice API Gateway

  •    Lua

Kong is a cloud-native, fast, scalable, and distributed Microservice Abstraction Layer (also known as an API Gateway, API Middleware or in some cases Service Mesh). Backed by the battle-tested NGINX with a focus on high performance, Kong was made available as an open-source platform in 2015. Under active development, Kong is used in production at thousands of organizations from startups, Global 5000 and Government organizations.

pushpin - Reverse proxy for realtime web services

  •    C++

Pushpin is a reverse proxy server written in C++ that makes it easy to implement WebSocket, HTTP streaming, and HTTP long-polling services. The project is unique among realtime push solutions in that it is designed to address the needs of API creators. Pushpin is transparent to clients and integrates easily into an API stack. To assist with integration, there are libraries for many backend languages and frameworks. Pushpin has no libraries on the client side because it is transparent to clients.

multitor - A tool that lets you create multiple TOR instances with a load-balancing traffic between them by HAProxy

  •    Shell

A tool that lets you create multiple TOR instances with a load-balancing traffic between them by HAProxy. It's provides one single endpoint for clients. Support socks protocol and http-proxy servers: polipo, privoxy and hpts. In addition, you can view previously running TOR processes and create a new identity for all or selected processes. Multitor was created with the aim of initialize many TOR processes as quickly as possible. I could use many instances for my daily use programs (web browsers, messangers and other). In addition, I was looking for a tool that would increase anonymity when conducting penetration tests and testing the security of infrastructure.

rocky - Full-featured, middleware-oriented, programmatic HTTP and WebSocket proxy for node.js

  •    Javascript

A multipurpose, full-featured, middleware-oriented and hackable HTTP/S and WebSocket proxy with powerful built-in features such as versatile routing layer, traffic interceptor and replay to multiple backends, built-in balancer, traffic retry/backoff logic, hierarchical configuration, among others. Built for node.js/io.js.rocky can be fluently used programmatically or via command-line interface. It's framework agnostic, but you can optionally plug in with connect/express apps.

OpenLiteSpeed - High performance, lightweight, HTTP server

  •    C++

OpenLiteSpeed is a high-performance, lightweight, open source HTTP server developed and copyrighted by LiteSpeed Technologies. It is event driven and it can handle hundreds of thousands of concurrent connections without load spikes.

evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

  •    Go

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows to bypass 2-factor authentication protection. This tool is a successor to Evilginx, released in 2017, which used a custom version of nginx HTTP server to provide man-in-the-middle functionality to act as a proxy between a browser and phished website. Present version is fully written in GO as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.

sozu - Sōzu HTTP reverse proxy, configurable at runtime, fast and safe, built in Rust

  •    Rust

This will create the sozu executable for the reverse proxy, and sozuctl to command it. You can edit the reverse proxy's configuration with the config.toml file. You can declare new applications, their frontends and backends through that file, but for more flexibility, you should use the command socket (you can find one end of that unix socket at the path designed by command_socket in the configuration file).

nuster - A web caching proxy server based on HAProxy

  •    C

Nuster is a simple yet powerful web caching proxy server based on HAProxy. It is 100% compatible with HAProxy, and takes full advantage of the ACL functionality of HAProxy to provide fine-grained caching policy based on the content of request, response or server status. Nuster is very fast, some test shows nuster is almost three times faster than nginx when both using single core, and nearly two times faster than nginx and three times faster than varnish when using all cores.

frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet

  •    Go

frp is a fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. Now, it supports tcp, udp, http and https protocol when requests can be forwarded by domains to backward web services. Expose any http and https service behind a NAT or firewall to the internet by a server with public IP address(Name-based Virtual Host Support). Expose any tcp or udp service behind a NAT or firewall to the internet by a server with public IP address.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.