{"id":13827398,"url":"https://github.com/jvilk/mitmproxy-node","last_synced_at":"2026-03-12T00:33:28.238Z","repository":{"id":46803232,"uuid":"109285178","full_name":"jvilk/mitmproxy-node","owner":"jvilk","description":"A bridge between Python's mitmproxy and Node.JS programs. Rewrite network requests using Node.JS!","archived":false,"fork":false,"pushed_at":"2021-09-24T17:38:06.000Z","size":126,"stargazers_count":93,"open_issues_count":9,"forks_count":15,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-11-27T09:15:57.520Z","etag":null,"topics":["man-in-the-middle","mitm","mitmproxy","proxy","rewriting","transparent","transparent-https-proxy","transparent-proxy"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jvilk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-11-02T15:44:24.000Z","updated_at":"2025-09-17T06:47:18.000Z","dependencies_parsed_at":"2022-08-12T13:01:20.793Z","dependency_job_id":null,"html_url":"https://github.com/jvilk/mitmproxy-node","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/jvilk/mitmproxy-node","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jvilk%2Fmitmproxy-node","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jvilk%2Fmitmproxy-node/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jvilk%2Fmitmproxy-node/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jvilk%2Fmitmproxy-node/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jvilk","download_url":"https://codeload.github.com/jvilk/mitmproxy-node/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jvilk%2Fmitmproxy-node/sbom","scorecard":{"id":544833,"data":{"date":"2025-08-11","repo":{"name":"github.com/jvilk/mitmproxy-node","commit":"70157fa4fc6894873d196e3622d1ad1ec383c470"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.3,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Code-Review","score":1,"reason":"Found 3/27 approved changesets -- score normalized to 1","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":7,"reason":"3 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-5v72-xg48-5rpm","Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q","Warn: Project is vulnerable to: PYSEC-2021-95 / GHSA-8ch4-58qp-g3mp"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 6 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-20T09:13:03.190Z","repository_id":46803232,"created_at":"2025-08-20T09:13:03.190Z","updated_at":"2025-08-20T09:13:03.190Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30408484,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-11T22:36:59.286Z","status":"ssl_error","status_checked_at":"2026-03-11T22:36:57.544Z","response_time":84,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["man-in-the-middle","mitm","mitmproxy","proxy","rewriting","transparent","transparent-https-proxy","transparent-proxy"],"created_at":"2024-08-04T09:01:55.450Z","updated_at":"2026-03-12T00:33:28.192Z","avatar_url":"https://github.com/jvilk.png","language":"TypeScript","readme":"# mitmproxy-node 2.1.1\n\nA bridge between Python's [`mitmproxy`](https://mitmproxy.org/) and Node.JS programs. Rewrite network requests using Node.JS!\n\n## Why?\n\nIt is far easier to rewrite JavaScript/HTML/etc using JavaScript than Python, but mitmproxy only accepts Python plugins.\nThere are no decent alternatives to mitmproxy, so this package lets me use mitmproxy with Node.js-based rewriting code.\n\n## What can I use this for?\n\nFor transparently rewriting HTTP/HTTPS responses. The mitmproxy plugin lets every HTTP request go through to the server uninhibited, and then passes it to Node.js via a WebSocket for rewriting. You can optionally specify a list of paths that should be directly intercepted without being passed to the server.\n\nIf you want to add additional functionality, such as filtering or whatnot, I'll accept pull requests so long as they do not noticeably hinder performance.\n\n## How does it work?\n\nA Python plugin for `mitmproxy` starts a WebSocket server, and `mitmproxy-node` talks with it over WebSocket messages. The two communicate via binary messages to reduce marshaling-related overhead.\n\n## Your Python plugin is bad and you should feel bad\n\nI have no idea what I am doing. PRs to improve my Python code are appreciated!\n\n## Pre-requisites\n\n* [`mitmproxy` V4](https://mitmproxy.org/) must be installed and runnable from the terminal. The install method cannot be a prebuilt binary or homebrew, since those packages are missing the Python websockets module. Install via `pip` or from source.\n* Python 3.6, since I use the new async/await syntax in the mitmproxy plugin\n* `npm install` to pull in Node and PIP dependencies.\n\n## Using\n\nYou can either start `mitmproxy` manually with `mitmdump --anticache -s scripts/proxy.py`, or `mitmproxy-node` will do so automatically for you.\n`mitmproxy-node` auto-detects if `mitmproxy` is already running.\nIf you frequently start/stop the proxy, it may be best to start it manually.\n\n```javascript\nimport MITMProxy from 'mitmproxy-node';\n\n// Returns Promise\u003cMITMProxy\u003e\nasync function makeProxy() {\n  // Note: Your interceptor can also be asynchronous and return a Promise!\n  return MITMProxy.Create(function(interceptedMsg) {\n    const req = interceptedMsg.request;\n    const res = interceptedMsg.response;\n    if (req.rawUrl.contains(\"target.js\") \u0026\u0026 res.getHeader('content-type').indexOf(\"javascript\") !== -1) {\n      interceptedMsg.setResponseBody(Buffer.from(`Hacked!`, 'utf8'));\n    }\n  }, ['/eval'] /* list of paths to directly intercept -- don't send to server */,\n  true /* Be quiet; turn off for debug messages */,\n  true /* Only intercept text or potentially-text requests (all mime types with *application* and *text* in them, plus responses with no mime type) */\n  );\n}\n\nasync function main() {\n  const proxy = await makeProxy();\n  // when done:\n  await proxy.shutdown();\n}\n```\n\nWithout fancy async/await:\n\n```javascript\nimport MITMProxy from 'mitmproxy-node';\n\n// Returns Promise\u003cMITMProxy\u003e\nfunction makeProxy() {\n  return MITMProxy.Create(function(interceptedMsg) {\n    const req = interceptedMsg.request;\n    const res = interceptedMsg.response;\n    if (req.rawUrl.contains(\"target.js\") \u0026\u0026 res.getHeader('content-type').indexOf(\"javascript\") !== -1) {\n      interceptedMsg.setResponseBody(Buffer.from(`Hacked!`, 'utf8'));\n    }\n  }, ['/eval'], true, true);\n}\n\nfunction main() {\n  makeProxy().then((proxy) =\u003e {\n    // when done\n    proxy.shutdown.then(() =\u003e {\n      // Proxy is closed!\n    });\n  });\n}\n```\n\n## Building\n\n`npm run build`\n","funding_links":[],"categories":["\u003ca id=\"b4959a15647a6dcf79901f76655d0ca8\"\u003e\u003c/a\u003emitmproxy"],"sub_categories":["\u003ca id=\"3bd67ee9f322e2c85854991c85ed6da0\"\u003e\u003c/a\u003e投毒\u0026\u0026Poisoning"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjvilk%2Fmitmproxy-node","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjvilk%2Fmitmproxy-node","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjvilk%2Fmitmproxy-node/lists"}