tessl/pypi-mitmproxy
An interactive, SSL/TLS-capable intercepting proxy for HTTP/1, HTTP/2, and WebSockets.
- Workspace
- tessl
- Visibility
- Public
- Created
- Last updated
- Describes
'%3e%3cpath%20d='M3.389%209.069c0-.009.043-.033.029-.044L.029%207.77l3.287-1.197L6.574%207.77l.106.083.005%204-3.297%201.185V9.068ZM13.582%209.32V2.74l3.405%201.238v4.104L13.583%209.32ZM10.253%2014.66l-3.476%201.268v-4.027l3.476-1.313v4.072ZM10.253%2010.558l-3.476%201.239V7.784l3.476-1.268v4.042ZM10.253%2014.719v3.968L6.777%2020v-3.998l3.476-1.283ZM17%208.139v4.042l-3.418%201.239V9.378L17%208.138ZM3.3%2017.168%200%2015.943v-4.027l3.3%201.224v4.028ZM6.69%2011.916v4.027l-3.302%201.225v-4.072l3.301-1.18ZM6.69%203.743v4.012l-3.33-1.21V2.564l3.33%201.18Z'/%3e%3cpath%20d='M3.3%2013.066%200%2011.842V7.844l3.3%201.224v3.998ZM13.524%209.334l-.175.088.175-.014v4.027l-3.152%201.183-.06-.032v-3.983l1.986-.767-.111.006-1.876.657V6.531l3.213-1.224v4.027Zm-.263.133c-.065.008-.198.023-.233.088.065-.008.198-.023.233-.088Zm-.321.118c-.065.008-.198.023-.233.088.065-.009.198-.023.233-.088Zm-.321.118c-.066.008-.199.023-.234.088.065-.008.199-.023.234-.088ZM13.524%201.266v3.968l-3.213%201.195V2.46l3.213-1.194ZM10.253%202.475v3.968L6.777%207.726V3.743l3.476-1.268ZM8.2%204.458c-.304.064-.627.5-.708.79-.27.963.636%201.081%201.091.364.277-.437.354-1.308-.383-1.154ZM13.524%2013.51v3.983l-3.17%201.177c-.011%200-.043-.067-.043-.07v-3.895l3.213-1.195Zm-.884%201.63c-.495.085-1.068%201.015-.676%201.435.483.517%201.502-.636%201.147-1.246-.098-.169-.286-.221-.47-.19ZM10.165%202.387l-.037.065-3.395%201.249-3.345-1.212L6.88%201.21l3.285%201.178ZM13.437%201.177l-.088.073-3.057%201.127-3.034-1.082-.277-.133L10.151%200l3.286%201.177Z'/%3e%3c/g%3e%3cdefs%3e%3cclipPath%20id='a'%3e%3cpath%20fill='%23fff'%20d='M0%200h17v20H0z'/%3e%3c/clipPath%3e%3c/defs%3e%3c/svg%3e){kind=small}
To install, run
npx @tessl/cli install tessl/pypi-mitmproxy@12.1.0index.mddocs/
mitmproxy
A comprehensive HTTP/HTTPS/WebSocket proxy toolkit providing interactive proxy capabilities with real-time traffic interception, analysis, and modification. mitmproxy supports HTTP/1, HTTP/2, HTTP/3, and WebSocket protocols with full SSL/TLS capabilities, making it an essential tool for debugging, testing, and security analysis of web applications and APIs.
Package Information
- Package Name: mitmproxy
- Language: Python
- Installation:
pip install mitmproxy - Python Requirements: Python 3.12+
Core Imports
For HTTP flow handling:
from mitmproxy import http
from mitmproxy.http import HTTPFlow, Request, Response, HeadersFor flow management:
from mitmproxy import flow
from mitmproxy.flow import Flow, ErrorFor connection handling:
from mitmproxy import connection
from mitmproxy.connection import Client, Server, ConnectionStateBasic Usage
Running mitmproxy Tools
mitmproxy provides three main command-line interfaces:
# Interactive console interface
mitmproxy
# Command-line dump tool
mitmdump
# Web-based interface
mitmwebBasic HTTP Flow Interception
from mitmproxy import http
def request(flow: http.HTTPFlow) -> None:
"""Intercept and modify HTTP requests."""
# Log all requests
print(f"Request: {flow.request.method} {flow.request.url}")
# Modify request headers
flow.request.headers["X-Custom-Header"] = "Modified"
# Block specific requests
if "example.com" in flow.request.url:
flow.response = http.Response.make(403, b"Blocked")
def response(flow: http.HTTPFlow) -> None:
"""Intercept and modify HTTP responses."""
# Log responses
print(f"Response: {flow.response.status_code} for {flow.request.url}")
# Modify response content
if flow.response.headers.get("content-type", "").startswith("application/json"):
# Parse and modify JSON responses
data = flow.response.json()
data["intercepted"] = True
flow.response.set_text(json.dumps(data))Working with Flows Programmatically
from mitmproxy import io, http
# Read flows from file
with open("flows.mitm", "rb") as f:
reader = io.FlowReader(f)
for flow in reader.stream():
if isinstance(flow, http.HTTPFlow):
print(f"{flow.request.method} {flow.request.url}")
# Write flows to file
flows = [] # List of flows to save
with open("output.mitm", "wb") as f:
writer = io.FlowWriter(f)
for flow in flows:
writer.add(flow)Architecture
mitmproxy uses an event-driven architecture built around several key components:
- Master: Central orchestrator managing the proxy server and addon system
- Flow Types: Protocol-specific flow representations (HTTP, TCP, UDP, WebSocket)
- Addon System: Extensible plugin architecture for custom functionality
- Connection Management: Client/server connection abstraction and state tracking
- Certificate Management: Dynamic SSL/TLS certificate generation and validation
The addon system provides hooks at every stage of the proxy lifecycle, enabling comprehensive traffic analysis, modification, and custom protocol handling.
Capabilities
HTTP Flow Management
Core HTTP proxy functionality including request/response interception, modification, and analysis. Supports HTTP/1, HTTP/2, and HTTP/3 protocols with comprehensive header and content manipulation.
class HTTPFlow(Flow):
request: Request
response: Optional[Response]
error: Optional[Error]
class Request:
def __init__(self, host: str, port: int, method: bytes, scheme: bytes, authority: bytes, path: bytes, http_version: bytes, headers: Headers, content: bytes, trailers: Optional[Headers], timestamp_start: float, timestamp_end: Optional[float]) -> None: ...
class Response:
def __init__(self, http_version: bytes, status_code: int, reason: bytes, headers: Headers, content: bytes, trailers: Optional[Headers], timestamp_start: float, timestamp_end: float) -> None: ...Connection Management
Client and server connection handling with support for transparent proxying, upstream proxies, and complex network topologies. Includes TLS/SSL certificate management and protocol detection.
class Client(Connection):
address: Optional[Address]
tls_established: bool
certificate_list: Sequence[x509.Certificate]
alpn: Optional[bytes]
cipher: Optional[str]
class Server(Connection):
address: Optional[Address]
tls_established: bool
certificate_list: Sequence[x509.Certificate]
alpn: Optional[bytes]
cipher: Optional[str]Multi-Protocol Support
TCP, UDP, and WebSocket flow handling beyond HTTP, enabling comprehensive network traffic analysis and modification for various protocol types.
class TCPFlow(Flow):
messages: List[TCPMessage]
class UDPFlow(Flow):
messages: List[UDPMessage]
class WebSocketMessage:
type: int
content: bytes
from_client: bool
timestamp: floatFlow I/O and Persistence
Reading and writing flows to files for replay, analysis, and testing. Supports filtering and format conversion for various use cases.
class FlowReader:
def __init__(self, fo: BinaryIO) -> None: ...
def stream(self) -> Iterator[Flow]: ...
class FlowWriter:
def __init__(self, fo: BinaryIO) -> None: ...
def add(self, flow: Flow) -> None: ...
def read_flows_from_paths(paths: Sequence[str]) -> Iterator[Flow]: ...Configuration and Options
Comprehensive configuration system with type-safe options for proxy behavior, TLS settings, network configuration, and addon parameters.
class Options:
def __init__(self, **kwargs) -> None: ...
def set(self, key: str, value: Any) -> None: ...
def get(self, key: str) -> Any: ...
# Key configuration constants
CONF_DIR: str = "~/.mitmproxy"
CONF_BASENAME: str = "mitmproxy"
KEY_SIZE: int = 2048Addon Development
Extensible addon system for custom functionality with lifecycle hooks, event handling, and access to all proxy components. Includes built-in addons for common use cases.
def default_addons() -> List[Any]: ...
# Decorator for concurrent addon execution
def concurrent(func: Callable) -> Callable: ...
# Context access for addons
import mitmproxy.ctx as ctxContent Processing
Flexible content viewing, transformation, and analysis with support for various data formats and encoding schemes. Includes syntax highlighting and interactive content exploration.
class Contentview:
name: str
content_types: List[str]
def add(view: Contentview) -> None: ...
# Encoding utilities
def encode(data: bytes, encoding: str) -> bytes: ...
def decode(data: bytes, encoding: str) -> bytes: ...Command System
Type-safe command framework for interactive control and automation. Supports complex command composition and validation with built-in commands for all major operations.
class CommandManager:
def execute(self, cmdstr: str) -> Any: ...
def call(self, path: str, *args: Any) -> Any: ...
# Type system for commands
class TypeManager:
def command(self, name: str) -> Callable: ...Entry Points
mitmproxy provides three main entry points:
mitmproxy.tools.main:mitmproxy- Interactive console interface with full-screen TUImitmproxy.tools.main:mitmdump- Command-line interface for scripted operationsmitmproxy.tools.main:mitmweb- Web-based interface accessible via browser
Each entry point provides the same core functionality with different user interfaces optimized for specific use cases.