Intercept HTTP requests on linux

Try mitmproxy.

  • mitmproxy is an SSL-capable man-in-the-middle proxy for HTTP. It provides a console interface that allows traffic flows to be inspected and edited on the fly.

  • mitmdump is the command-line version of mitmproxy, with the same functionality but without the user interface. Think tcpdump for HTTP.

Features

  • Intercept HTTP requests and responses and modify them on the fly.
  • Save complete HTTP conversations for later replay and analysis.
  • Replay the client-side of an HTTP conversations.
  • Replay HTTP responses of a previously recorded server.
  • Reverse proxy mode to forward traffic to a specified server.
  • Make scripted changes to HTTP traffic using Python.
  • SSL certificates for interception are generated on the fly.

Screenshot

enter image description here

Example

I setup an example Jekyll Bootstrap app which is listening on port 4000 on my localhost. To intercept it's traffic I'd do the following:

% mitmproxy --mode reverse:http://localhost:4000 -p 4001

Then connect to my mitmproxy on port 4001 from my web browser (http://localhost:4001), resulting in this in mitmproxy:

ss of mitmproxy w/ JB #1

You can then select any of the GET results to see the header info associated to that GET:

ss of mitmproxy w/ JB #2


Try using Burp Proxy, sounds like what you need.


I use Wire Shark for this, if you provide all the server certs it wil even decypt HTTPS.

Tags:

Linux

Java

Http

Https

Recent Posts