mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
What is mitmproxy?
mitmproxy is a free and open source interactive HTTPS proxy that allows you to intercept, inspect, modify, and replay web traffic. It’s an essential tool for:- Penetration testers debugging and testing web applications
- Software developers understanding API interactions
- Security researchers analyzing network protocols
- QA engineers testing edge cases and error conditions
Three Powerful Tools
mitmproxy comes with three distinct interfaces to suit different workflows:mitmproxy
Interactive console interface with vim-style keybindings
mitmdump
Command-line tool for automated traffic capture and processing
mitmweb
Modern web-based UI for visual traffic inspection
Key Features
Protocol Support
HTTP/1, HTTP/2, HTTP/3, WebSockets, and raw TCP/UDP
TLS Interception
Automatic certificate generation and SSL/TLS decryption
Traffic Modification
Modify requests and responses on the fly
Scripting & Addons
Powerful Python API for custom traffic manipulation
Multiple Proxy Modes
Regular, transparent, reverse, upstream, and SOCKS proxy
Flow Replay
Capture and replay HTTP conversations
DNS Interception
Control and intercept DNS resolution
Export Formats
Export to HAR, curl, httpie, and more
Quick Example
Here’s a simple addon that adds a custom header to all HTTP responses:http-add-header.py
mitmproxy requires Python 3.12 or later and is compatible with macOS, Linux, and Windows.
Community & Support
- GitHub: Report issues and contribute at github.com/mitmproxy/mitmproxy
- Discussions: Get help and share ideas in GitHub Discussions
- Documentation: Comprehensive guides at docs.mitmproxy.org
Next Steps
Installation
Install mitmproxy on your system
Quickstart
Get up and running in 5 minutes
Core Concepts
Learn how mitmproxy works
Addons & Scripting
Extend mitmproxy with Python