{"id":17078845,"url":"https://github.com/hatoo/http-mitm-proxy","last_synced_at":"2025-06-20T03:37:28.303Z","repository":{"id":208918647,"uuid":"719928289","full_name":"hatoo/http-mitm-proxy","owner":"hatoo","description":"A HTTP proxy server library intended to be a backend of application like Burp proxy","archived":false,"fork":false,"pushed_at":"2024-10-19T06:43:18.000Z","size":279,"stargazers_count":19,"open_issues_count":3,"forks_count":2,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-10-19T09:49:06.325Z","etag":null,"topics":["http","proxy","proxy-server","rust"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hatoo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-17T07:49:13.000Z","updated_at":"2024-10-19T06:43:22.000Z","dependencies_parsed_at":"2024-01-13T10:08:29.112Z","dependency_job_id":"bb688591-4e5f-45b9-8a27-431282d4298f","html_url":"https://github.com/hatoo/http-mitm-proxy","commit_stats":null,"previous_names":["hatoo/http-mitm-proxy"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hatoo%2Fhttp-mitm-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hatoo%2Fhttp-mitm-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hatoo%2Fhttp-mitm-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hatoo%2Fhttp-mitm-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hatoo","download_url":"https://codeload.github.com/hatoo/http-mitm-proxy/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":230532448,"owners_count":18240792,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["http","proxy","proxy-server","rust"],"created_at":"2024-10-14T12:23:42.996Z","updated_at":"2024-12-20T04:07:36.088Z","avatar_url":"https://github.com/hatoo.png","language":"Rust","readme":"# http-mitm-proxy\n\n[![Crates.io](https://img.shields.io/crates/v/http-mitm-proxy.svg)](https://crates.io/crates/http-mitm-proxy)\n\nA HTTP proxy server library intended to be a backend of application like Burp proxy.\n\n- Sniff HTTP and HTTPS traffic by signing certificate on the fly.\n- Server Sent Event\n- WebSocket (\"raw\" traffic only. Parsers will not be implemented in this crate.)\n\n## Usage\n\n```rust, no_run\nuse std::path::PathBuf;\n\nuse clap::{Args, Parser};\nuse http_mitm_proxy::{DefaultClient, MitmProxy};\nuse hyper::service::service_fn;\nuse moka::sync::Cache;\nuse tracing_subscriber::EnvFilter;\n\n#[derive(Parser)]\nstruct Opt {\n    #[clap(flatten)]\n    external_cert: Option\u003cExternalCert\u003e,\n}\n\n#[derive(Args, Debug)]\nstruct ExternalCert {\n    #[arg(required = false)]\n    cert: PathBuf,\n    #[arg(required = false)]\n    private_key: PathBuf,\n}\n\nfn make_root_cert() -\u003e rcgen::CertifiedKey {\n    let mut param = rcgen::CertificateParams::default();\n\n    param.distinguished_name = rcgen::DistinguishedName::new();\n    param.distinguished_name.push(\n        rcgen::DnType::CommonName,\n        rcgen::DnValue::Utf8String(\"\u003cHTTP-MITM-PROXY CA\u003e\".to_string()),\n    );\n    param.key_usages = vec![\n        rcgen::KeyUsagePurpose::KeyCertSign,\n        rcgen::KeyUsagePurpose::CrlSign,\n    ];\n    param.is_ca = rcgen::IsCa::Ca(rcgen::BasicConstraints::Unconstrained);\n\n    let key_pair = rcgen::KeyPair::generate().unwrap();\n    let cert = param.self_signed(\u0026key_pair).unwrap();\n\n    rcgen::CertifiedKey { cert, key_pair }\n}\n\n#[tokio::main]\nasync fn main() {\n    let opt = Opt::parse();\n\n    tracing_subscriber::fmt()\n        .with_env_filter(EnvFilter::from_default_env())\n        .init();\n\n    let root_cert = if let Some(external_cert) = opt.external_cert {\n        // Use existing key\n        let param = rcgen::CertificateParams::from_ca_cert_pem(\n            \u0026std::fs::read_to_string(\u0026external_cert.cert).unwrap(),\n        )\n        .unwrap();\n        let key_pair =\n            rcgen::KeyPair::from_pem(\u0026std::fs::read_to_string(\u0026external_cert.private_key).unwrap())\n                .unwrap();\n\n        let cert = param.self_signed(\u0026key_pair).unwrap();\n\n        rcgen::CertifiedKey { cert, key_pair }\n    } else {\n        make_root_cert()\n    };\n\n    let root_cert_pem = root_cert.cert.pem();\n    let root_cert_key = root_cert.key_pair.serialize_pem();\n\n    let proxy = MitmProxy::new(\n        // This is the root cert that will be used to sign the fake certificates\n        Some(root_cert),\n        Some(Cache::new(128)),\n    );\n\n    let client = DefaultClient::new().unwrap();\n    let server = proxy\n        .bind(\n            (\"127.0.0.1\", 3003),\n            service_fn(move |req| {\n                let client = client.clone();\n                async move {\n                    let uri = req.uri().clone();\n\n                    // You can modify request here\n                    // or You can just return response anywhere\n\n                    let (res, _upgrade) = client.send_request(req).await?;\n\n                    println!(\"{} -\u003e {}\", uri, res.status());\n\n                    // You can modify response here\n\n                    Ok::\u003c_, http_mitm_proxy::default_client::Error\u003e(res)\n                }\n            }),\n        )\n        .await\n        .unwrap();\n\n    println!(\"HTTP Proxy is listening on http://127.0.0.1:3003\");\n\n    println!();\n    println!(\"Trust this cert if you want to use HTTPS\");\n    println!();\n    println!(\"{}\", root_cert_pem);\n    println!();\n\n    /*\n        Save this cert to ca.crt and use it with curl like this:\n        curl https://www.google.com -x http://127.0.0.1:3003 --cacert ca.crt\n    */\n\n    println!(\"Private key\");\n    println!(\"{}\", root_cert_key);\n\n    server.await;\n}\n```\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhatoo%2Fhttp-mitm-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhatoo%2Fhttp-mitm-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhatoo%2Fhttp-mitm-proxy/lists"}