What does HackerNews think of mitmproxy?

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Language: Python

#7 in HTTP
#45 in Python
#17 in Security
Evading JavaScript anti-debugging techniques | Aug 2023
note if all you care about is capturing the web requests, you can use something like MITM Proxy:

https://github.com/mitmproxy/mitmproxy

Scraping data from an app: real world example | Sep 2022
Expand Context ↕
I recently did something similar with good results (I found the api endpoints I was interested in) using the official Android emulator and https://github.com/mitmproxy/mitmproxy

I did have to jump through some hoops with the emulator and pushing my own ssl cert to it's RO system partition. But it was a few commands and easy enough.
Hijacking Email with Cloudflare Email Routing | Aug 2022
Expand Context ↕
Yup, 'Burp' refers to the free version of 'Burp Suite'. I don't use Burp Suite anymore though. Some months ago I started using mitmproxy (https://github.com/mitmproxy/mitmproxy) due to it's Python scripting API. I have never looked back since then.
Capture mobile HTTP&HTTPS and decrypt TLS with mitmproxy | Oct 2020
This is not using system proxy way. because some apps can choose not use system proxy. This is using TUN way. So all TCP can be captured to mitmproxy.

Requires:

[Desktop]: https://github.com/mitmproxy/mitmproxy

[Mobile iOS]: https://apps.apple.com/us/app/id1528537342

[Mobile Android]: https://play.google.com/store/apps/details?id=com.txthinking...

- Intercept HTTP & HTTPS requests and responses and modify them on the fly

- Save complete HTTP conversations for later replay and analysis

- Replay the client-side of an HTTP conversations

- Replay HTTP responses of a previously recorded server

- Reverse proxy mode to forward traffic to a specified server

- Transparent proxy mode on macOS and Linux

- Make scripted changes to HTTP traffic using Python

- SSL/TLS certificates for interception are generated on the fly

- And much, much more…

Telerik gets Fiddler unlisted from Chocolatey | Nov 2017
Expand Context ↕
Wireshark and Fiddler are both exceptional tools that serve vastly different purposes focusing on different OSI layers. Fiddler is an HTTP(S) proxy and Wireshark is a packet sniffer. While you can probably achieve in Wireshark what Fiddler offers, it's going to be an utter pain in the ass.

If you want an open-source alternative to Fiddler, consider mitmproxy [1].

[1] https://github.com/mitmproxy/mitmproxy
Ask HN: Anyone using Python's static typing in a large project? | Oct 2017
Dropbox and Instagram use mypy/typing actively. Also among open-source: https://github.com/home-assistant/home-assistant https://github.com/mitmproxy/mitmproxy https://github.com/sphinx-doc/sphinx

I would say the opposite, it is not very useful for small projects.

Reverse Engineering Native Apps by Intercepting Network Traffic | Jul 2016
Let us also mention the great mitmproxy, an open source equivalent to the Charles proxy: https://github.com/mitmproxy/mitmproxy / https://mitmproxy.org/
Devd: a small, self-contained web daemon for developers | Oct 2015
See also mitmproxy by the same developer. I find mitmproxy a joy to use.

https://github.com/mitmproxy/mitmproxy

Firefox Developer Edition | Nov 2014
Expand Context ↕
A MitM proxy like Charles (http://www.charlesproxy.com/) would be incredible. Debugging SSL issues is always difficult, and it would be great to have the tools all in one place.

Also, a shout-out to mitmproxy (https://github.com/mitmproxy/mitmproxy) which I've used on several occasions.