https://github.com/claudiaslibrary/mitm-proxy

This project is a Man-in-the-Middle (MITM) Proxy tool built using mitmproxy. It allows for real-time HTTP/HTTPS traffic interception, modification, and analysis.
https://github.com/claudiaslibrary/mitm-proxy

ethical-hacking man-in-the-middle mitm mitmproxy penetration-testing traffic-analysis

Last synced: 6 months ago
JSON representation

This project is a Man-in-the-Middle (MITM) Proxy tool built using mitmproxy. It allows for real-time HTTP/HTTPS traffic interception, modification, and analysis.

• Host: GitHub
• URL: https://github.com/claudiaslibrary/mitm-proxy
• Owner: ClaudiasLibrary
• Created: 2024-12-05T10:24:25.000Z (10 months ago)
• Default Branch: main
• Last Pushed: 2025-02-17T19:04:16.000Z (8 months ago)
• Last Synced: 2025-03-27T06:51:19.586Z (7 months ago)
• Topics: ethical-hacking, man-in-the-middle, mitm, mitmproxy, penetration-testing, traffic-analysis
• Language: Python
• Homepage:
• Size: 11.7 KB
• Stars: 3
• Watchers: 1
• Forks: 1
• Open Issues: 0
• Metadata Files:
  • Readme: README.md

Awesome Lists containing this project

README

          
# Man-In-The-Middle Proxy

This project is a Man-in-the-Middle (MITM) Proxy tool built using `mitmproxy`.

It allows for real-time HTTP/HTTPS traffic interception, modification, and analysis.

It includes advanced features such as SSL Pinning Bypass, WebSocket Modification, Dynamic SSL Certificates, and real-time traffic analysis with Elasticsearch integration.

## Theory behind the code

[Exploiting Wired Networks](https://claudiaslibrary.notion.site/Exploiting-Wired-Networks-13219f75683280ef8cdecaa2feca683e)

## Features

- **SSL Pinning Bypass**: Bypass SSL Pinning in mobile applications using Frida.

- **Dynamic SSL Certificate Handling**: Inject dynamic SSL certificates for each intercepted domain.

- **WebSocket Traffic Interception**: Intercept and modify WebSocket messages in real-time.

- **Real-Time Traffic Analysis**: Log and send intercepted traffic to Elasticsearch for real-time analysis.

- **Reporting & Visualization**: Generate dynamic HTML reports of the intercepted traffic using Jinja2 templates.

## Requirements

1. Python 3.x

2. mitmproxy

3. frida-tools (for SSL Pinning Bypass)

4. Elasticsearch (optional for real-time analysis)

5. Jinja2 (for HTML report generation)

### Install dependencies:

pip install -r requirements.txt

## Example:

Here is an example of how the mitmproxy runs after the user inputs the configuration:

```bash

Enter the listen host (default 0.0.0.0): 0.0.0.0

Enter the listen port (default 8080): 8080

Enter the proxy mode (default regular, options: regular, transparent, reverse): regular

Show host information in logs? (y/n, default: y): y

```

This starts the proxy on 0.0.0.0:8080 in regular mode, and the proxy will log detailed information about the traffic being intercepted.