{"id":48109589,"url":"https://github.com/sailro/httpproxymcp","last_synced_at":"2026-04-04T16:01:48.349Z","repository":{"id":343816189,"uuid":"1179170978","full_name":"sailro/HttpProxyMcp","owner":"sailro","description":"An HTTP/HTTPS MITM proxy with full traffic capture, exposed as an MCP server so LLMs can inspect, filter, and analyze network traffic through natural language.","archived":false,"fork":false,"pushed_at":"2026-03-18T20:02:18.000Z","size":209,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-19T07:20:17.396Z","etag":null,"topics":["capture","har","http","https","llm","mcp","mcp-server","proxy"],"latest_commit_sha":null,"homepage":"","language":"C#","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sailro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2026-03-11T19:00:30.000Z","updated_at":"2026-03-18T20:03:13.000Z","dependencies_parsed_at":"2026-04-04T16:01:10.141Z","dependency_job_id":null,"html_url":"https://github.com/sailro/HttpProxyMcp","commit_stats":null,"previous_names":["sailro/httpproxymcp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/sailro/HttpProxyMcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sailro%2FHttpProxyMcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sailro%2FHttpProxyMcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sailro%2FHttpProxyMcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sailro%2FHttpProxyMcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sailro","download_url":"https://codeload.github.com/sailro/HttpProxyMcp/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sailro%2FHttpProxyMcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31405202,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-04T10:20:44.708Z","status":"ssl_error","status_checked_at":"2026-04-04T10:20:06.846Z","response_time":60,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["capture","har","http","https","llm","mcp","mcp-server","proxy"],"created_at":"2026-04-04T16:00:46.079Z","updated_at":"2026-04-04T16:01:48.310Z","avatar_url":"https://github.com/sailro.png","language":"C#","readme":"# HttpProxyMcp\n[![Build status](https://github.com/sailro/HttpProxyMcp/workflows/CI/badge.svg)](https://github.com/sailro/HttpProxyMcp/actions?query=workflow%3ACI)\n\nAn HTTP/HTTPS MITM proxy with full traffic capture, exposed as an **MCP server** so LLMs can inspect, filter, and analyze network traffic through natural language.\n\nBuilt with .NET 10, C#, SQLite, and the [Model Context Protocol](https://modelcontextprotocol.io/).\n\n## What It Does\n\n```\nBrowser/App  ──►  HttpProxyMcp (localhost:8080)  ──►  Internet\n                        │\n                        ▼\n                   SQLite DB (all traffic stored)\n                        │\n                        ▼\n                   MCP Server (stdio)\n                        │\n                        ▼\n               LLM (Copilot CLI, VS Code, etc.)\n```\n\n- **MITM proxy** intercepts HTTP and HTTPS traffic (dynamic certificate generation)\n- **Stores everything** — requests, responses, headers, bodies, timing — in SQLite\n- **Auto-configures Windows system proxy** — no manual browser setup needed (like Fiddler)\n- **MCP server** exposes 14 tools for LLMs to query and control the proxy\n- **HAR 1.2 export** — export captured sessions to standards-compliant HAR files with granular timings and server IPs\n\n## Quick Start\n\n### Prerequisites\n\n- [.NET 10 SDK](https://dotnet.microsoft.com/download/dotnet/10.0)\n\n### Run the MCP Server\n\n```bash\ndotnet run --project src/HttpProxyMcp.McpServer\n```\n\nThe server communicates over **stdio** using the MCP protocol. It's meant to be launched by an MCP client (Copilot CLI, VS Code, etc.), not run directly.\n\n### Configure Copilot CLI\n\nAdd to `~/.copilot/mcp-config.json`:\n\n```json\n{\n  \"mcpServers\": {\n    \"httpproxymcp\": {\n      \"command\": \"dotnet\",\n      \"args\": [\n        \"run\",\n        \"--project\",\n        \"C:\\\\path\\\\to\\\\src\\\\HttpProxyMcp.McpServer\\\\HttpProxyMcp.McpServer.csproj\"\n      ]\n    }\n  }\n}\n```\n\nRestart the CLI, then verify with `/mcp`.\n\n### Configure VS Code / Visual Studio\n\nAdd to `.copilot/mcp-config.json` in your repo root:\n\n```json\n{\n  \"mcpServers\": {\n    \"httpproxymcp\": {\n      \"command\": \"dotnet\",\n      \"args\": [\n        \"run\",\n        \"--project\",\n        \"path/to/src/HttpProxyMcp.McpServer/HttpProxyMcp.McpServer.csproj\"\n      ]\n    }\n  }\n}\n```\n\n## MCP Tools Reference\n\n### Proxy Control\n\n| Tool | Description | Key Parameters |\n|------|-------------|----------------|\n| `StartProxy` | Start the proxy | `port` (default: 8080), `enableSsl` (default: true), `setSystemProxy` (default: true) |\n| `StopProxy` | Stop the proxy and restore system proxy settings | — |\n| `GetProxyStatus` | Check if the proxy is running | — |\n\n### Session Management\n\nSessions are logical groupings of captured traffic (e.g., \"testing login flow\", \"debugging API\").\n\n| Tool | Description | Key Parameters |\n|------|-------------|----------------|\n| `CreateSession` | Create a new capture session | `name` |\n| `ListSessions` | List all sessions with entry counts | — |\n| `SetActiveSession` | Set which session captures new traffic | `sessionId` |\n| `CloseSession` | Close a session (stops capturing to it) | `sessionId` |\n| `DeleteSession` | Delete a session and all its traffic | `sessionId` |\n\n### Traffic Analysis\n\n| Tool | Description | Key Parameters |\n|------|-------------|----------------|\n| `ListTraffic` | List captured entries with filters | `hostname`, `method`, `urlPattern`, `statusCode`, `limit`, `offset` |\n| `GetTrafficEntry` | Get full request/response details | `id` |\n| `SearchBodies` | Search through request/response bodies | `searchText`, `limit` |\n| `GetStatistics` | Traffic stats by method, status, host | `sessionId` (optional) |\n| `ClearTraffic` | Delete captured traffic | `sessionId` (optional) |\n| `ExportHar` | Export session traffic to HAR 1.2 file | `sessionId`, `filePath` |\n\n## Sample Prompts\n\n### Getting Started\n\n```\nStart the proxy and create a session called \"browsing-test\"\n```\n\n```\nCheck the proxy status\n```\n\n### Analyzing Traffic\n\n```\nShow me all traffic captured so far\n```\n\n```\nList all requests to api.github.com\n```\n\n```\nShow me all POST requests that returned a 4xx status code\n```\n\n```\nGet the full details of traffic entry 42\n```\n\n### Searching Content\n\n```\nSearch for \"Authorization\" in request/response bodies\n```\n\n```\nFind all responses containing \"error\" in the body\n```\n\n### Statistics \u0026 Overview\n\n```\nShow me traffic statistics broken down by hostname\n```\n\n```\nHow many requests went to each API endpoint?\n```\n\n### Session Workflow\n\n```\nCreate a new session called \"login-flow\", then start the proxy.\nI'll log in to the app — after that, list all the traffic captured in that session.\n```\n\n```\nShow me all sessions and their traffic counts\n```\n\n### Stopping\n\n```\nStop the proxy\n```\n\n## How It Works\n\n### HTTPS Interception \u0026 Root CA Certificate\n\nThe proxy uses [Titanium.Web.Proxy](https://github.com/justcoding121/titanium-web-proxy) for MITM interception:\n\n1. On first start with SSL enabled, a **root CA certificate** is automatically generated\n2. For each HTTPS connection, a per-host certificate is dynamically signed by the root CA\n3. Request and response bodies are captured before forwarding\n\n#### Trusting the Root CA\n\nOn first run, Titanium.Web.Proxy generates a root CA and **prompts you to install it** into the Windows certificate store. Accept the prompt to trust the certificate — no manual commands needed.\n\nIf you need to reinstall it later (e.g., after deleting the PFX), simply restart the proxy — a new root CA will be generated and the install prompt will appear again.\n\nYou can also provide your own root CA via `ProxyConfiguration`:\n- `RootCertificatePath` — path to a custom PFX file\n- `RootCertificatePassword` — password for the PFX\n\nThe root CA is generated once and persisted for reuse across sessions.\n\n\u003e **Security note:** The root CA allows the proxy to decrypt all HTTPS traffic. Only install it on development machines. Remove it from the trust store when you're done.\n\n### System Proxy (Windows)\n\nWhen `setSystemProxy` is `true` (the default), the proxy automatically configures itself as the Windows system proxy — **no manual browser configuration needed** (like Fiddler).\n\n#### How it works\n\n- **On start**: Snapshots current proxy settings, then sets `HKCU\\...\\Internet Settings\\ProxyEnable=1` and `ProxyServer=localhost:{port}`\n- **On stop**: Restores the original proxy settings from the snapshot\n- Calls `InternetSetOption` to notify WinInet immediately — browsers pick up the change without restart\n\n#### Crash safety\n\nThe proxy registers multiple cleanup handlers to prevent leaving the system proxy dangling if the process terminates unexpectedly:\n\n| Handler | Covers |\n|---------|--------|\n| `AppDomain.ProcessExit` | Normal exit, `Environment.Exit()`, SIGTERM |\n| `Console.CancelKeyPress` | Ctrl+C / SIGINT |\n| `IDisposable.Dispose()` | DI container shutdown |\n\nAll three are idempotent — the proxy settings are restored exactly once regardless of how many handlers fire.\n\n\u003e **Limitation:** A forced kill (`taskkill /F` / SIGKILL) cannot be intercepted by any handler — this is an OS limitation. If this happens, restore manually:\n\u003e ```powershell\n\u003e Set-ItemProperty \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\" -Name ProxyEnable -Value 0\n\u003e ```\n\n#### Browser compatibility\n\n| Browser | System proxy | Notes |\n|---------|-------------|-------|\n| Chrome | ✅ Automatic | Follows Windows Internet Settings |\n| Edge | ✅ Automatic | Follows Windows Internet Settings |\n| IE | ✅ Automatic | Follows Windows Internet Settings |\n| Firefox | ❌ Manual | Uses its own proxy settings (Options → Network → Proxy) |\n| .NET HttpClient | ✅ Automatic | Respects system proxy by default |\n| curl | ❌ Manual | Use `curl --proxy http://localhost:8080` |\n\n#### Checking proxy status\n\n```powershell\n# Check if the system proxy is currently active:\nGet-ItemProperty \"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\" | Select-Object ProxyEnable, ProxyServer\n```\n\n### Storage\n\nAll traffic is persisted to a SQLite database (`traffic.db`) using Dapper:\n\n- WAL mode for concurrent read/write performance\n- Indexed on hostname, URL, status code, method, and timestamp\n- Bodies stored as BLOBs (up to 10MB per body by default)\n- Foreign key cascading: deleting a session deletes its traffic\n\n### HAR 1.2 Export\n\nThe `ExportHar` tool exports captured traffic to a standards-compliant HAR 1.2 JSON file:\n\n```\nExport traffic session to HAR file for analysis in browser DevTools, Charles, Fiddler, or other tools\n```\n\n**Parameters:**\n- `sessionId` — Session GUID to export\n- `filePath` — Output path for the .har file (UTF-8 encoded, no BOM)\n\n**Captured Data:**\nEach HAR entry includes:\n- Request/response headers, cookies, query strings, HTTP methods\n- Request/response bodies (base64 for binary, UTF-8 text for text types)\n- HTTP version (HTTP/1.1, HTTP/2.0, etc.)\n- Server IP address (resolved IP of upstream server)\n- Granular timings: send, wait, receive (milliseconds)\n- Status codes, content types, redirect URLs\n- Entry timestamps (ISO 8601 format)\n\n**Database Schema:**\nThe proxy automatically captures 6 new fields for HAR export on startup:\n- `request_http_version` (HTTP version of request)\n- `response_http_version` (HTTP version of response)\n- `server_ip_address` (resolved server IP)\n- `timing_send_ms` (request send duration)\n- `timing_wait_ms` (time waiting for response)\n- `timing_receive_ms` (response receive duration)\n\nThese fields are added transparently to existing databases via `ALTER TABLE` — old captured traffic remains intact with NULL values for these fields.\n\n### Architecture\n\n```\nsrc/\n├── HttpProxyMcp.Core/       Models \u0026 interfaces\n├── HttpProxyMcp.Proxy/      MITM proxy engine + certificate manager + system proxy\n├── HttpProxyMcp.Storage/    SQLite persistence (Dapper)\n└── HttpProxyMcp.McpServer/  MCP stdio server, 14 tools, hosted service\ntests/\n└── HttpProxyMcp.Tests/      tests (xUnit + NSubstitute + FluentAssertions)\n```\n\n## Configuration\n\n`ProxyConfiguration` supports:\n\n| Property | Default | Description |\n|----------|---------|-------------|\n| `Port` | `8080` | Proxy listen port |\n| `EnableSsl` | `true` | Enable HTTPS MITM interception |\n| `SetSystemProxy` | `true` | Auto-configure Windows system proxy |\n| `RootCertificatePath` | `null` | Path to a custom root CA PFX file |\n| `RootCertificatePassword` | `null` | Password for the root CA PFX |\n| `MaxBodyCaptureBytes` | `10MB` | Max body size to capture per request/response |\n| `ExcludedHostnames` | `[]` | Hostnames to pass through without MITM |\n\n## Development\n\n```bash\n# Build\ndotnet build\n\n# Test\ndotnet test\n\n# Run\ndotnet run --project src/HttpProxyMcp.McpServer\n```\n\n## License\n\nMIT\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsailro%2Fhttpproxymcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsailro%2Fhttpproxymcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsailro%2Fhttpproxymcp/lists"}