====== man-in-the-middle http(s) proxy mitmproxy ======
[[https://mitmproxy.org|mitproxy]] is a very cool and comfortable man-in-the-middle proxy server for https and http communications. just download the binary from their webpage and start one of the three executables. If you want a nice gui, ''mitmweb'' is a good choice, it will start a http(s) proxy on port ''8080'' and a webserver on port ''8081'' where you can see all the intercepted traffic and play with it.
the big advantage over the developer tools of chrome and firefox is simply, that it also works with curl and other applications :)
for fiefox and chrome check out the [[https://proxy-offline-browser.com/ProxySwitch/|ProxySwitch]] extension which allows you to easily enable and disable the use of a proxy server in those two browsers.
here is a config for mitmproxy running on the same machine:
[mitmproxy
http=127.0.0.1:8080
https=127.0.0.1:8080
noProxy=127.0.0.1:8080
]
===== Docker =====
there is also a docker container available. here is a snippet out of a docker-compose config if you want to add mitm to your project to analyze traffic from your apps:
proxy:
image: mitmproxy/mitmproxy
restart: always
networks:
- intranet
ports:
- 8888:8081
command: mitmweb --web-host 0.0.0.0 --ssl-insecure
(note the ''--ssl-insecure'' option was only needed when analyzing traffic going to a server with an invalid or self-signed certificate)
I have also added the following environment variables to the other containers, but i haven't found any linux utility that reads those yet, so you will probably have to manually configure the specific applications inside your containers for using a proxy.
environment:
HTTP_PROXY: "http://proxy:8080"
HTTPS_PROXY: "https://proxy:8080"
NO_PROXY: "127.0.0.1, localhost"