A Man-in-the-Middle Proxy "mitmproxy"

In cryptography and computer security, a man-in-the-middle (MITM) attack, or on-path attack, is a cyberattack where the attacker secretly relays and possibly alters the communications between two parties who believe that they are directly communicating with each other, where in actuality the attacker has inserted themselves between the two user parties.

Alternatively, we could also use the MITM technology to control the data stream over the network. The mitmproxy is a great tool for this purpose. It looks like a swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify, and replay web traffic such as HTTP/1, HTTP/2, HTTP/3, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of message types ranging from HTML to Protobuf, intercept specific messages on the fly, modify them before they reach their destination, and replay them to a client or server later on.

The mitmproxy supports several kinds of proxy modes, including transparent proxy, reverse proxy, and upstream proxy. It can be used as a command-line tool, Python library, or web interface. It is also extensible and can be scripted in Python.

• regular: The default mode. Configure your client(s) to use an HTTP(S) proxy.
• local capture: Capture applications on the same device.
• wireguard: Capture external devices or individual Android apps.
• reverse: Put mitmproxy in front of a server.
• transparent: Capture traffic with custom network routes.
• tun interface: Create a virtual network device to capture traffic.
• upstream: Chain two HTTP(S) proxies.
• socks: Run a SOCKS5 proxy server.
• dns: Run a scriptable DNS server.