
Show HN: Mitmproxy 3.0 released, an open-source console-based proxy - mhils
https://mitmproxy.org/posts/releases/mitmproxy3/
======
wiradikusuma
I used mitmproxy a few days ago, trying to compare my implementation of some
API client. It feels lightweight, but getting started can be confusing. I used
the command line, and I had difficulty finding the shortcuts.

Their homepage shows "brew install mitmproxy" front and center. Ok good.
Installed. What's next? A 5-minute tutorial e.g. how to spy Tinder API can go
a long way.

~~~
mhils
Thanks! This is something we're subconsciously aware of, but it's helpful to
hear it as explicit feedback. :) The first steps towards that were indeed OS-
specific install instructions on our new website. We currently have a user
survey (there's no telemetry in mitmproxy) to see what we should focus on for
a 5-minute tutorial.

~~~
mynewtb
> there's no telemetry in mitmproxy

Thank you kindly!

------
cellularmitosis
My ~/bin/mitmproxy.sh:

    
    
      interface=$( ifconfig en0 | grep inet | grep -v inet6 | awk '{ print $2 }' )
      mitmproxy --no-mouse -b $interface
    

Edit: This causes the IP address to show up in the mitmproxy UI. I use mitm
for iOS development, and having my IP visible is handy when setting up the
phone to use a proxy.

~~~
kalev
Brilliant, thanks so much!

------
finchisko
I'm using mitmproxy as super easy to setup SSL reverse proxy for local html5
development as many API nowadays require ssl to work.

~~~
simonw
That sounds really useful. Could you share the recipe for getting that running
- is it just a one-line console command?

~~~
SeriousM
[https://mitmproxy.org/docs/latest/concepts-modes/#reverse-
pr...](https://mitmproxy.org/docs/latest/concepts-modes/#reverse-proxy)

It's an operation mode, no recipe

~~~
simonw
Looks like "mitmdump -p 443 -R [http://localhost:80/"](http://localhost:80/")
should do the trick

~~~
finchisko
yes, that's it

And also install self signed mitmproxy certs to your device.

------
jkereako
I'm happy to see this. I switched to MITM from Charles a couple months ago.
The documentation for 3.0 is, in my opinion, much clearer.

~~~
rimliu
I think MITM had the limitation that you could proxy only traffic from the
different machine. Was/is it the case, or did I just get something wrong?
Because if that's true Charles has an advantege there.

~~~
mhils
It's technically possible, but requires iptables or equivalents. For now, if
you want to proxy the whole machine, Charles is your way to go!

------
hartror
Using mitmproxy as a reverse proxy from local development to our development
servers. A few lines of code and we have authentication headers attached w/o
having to manage them between projects.

------
_pdp_
Shameless plug: We are building a desktop proxy based on our streaming proxy
module for node (node-proxify if you have time to check it out). Funny timing.
We are doing a beta release next week
([https://secapps.com/appbandit](https://secapps.com/appbandit)). You might
hate the fact that this is yet another electron app but we are adding a tone
of useful features which I am sure most people will find very useful in many
different tasks. A cli version is also on its way.

------
strin
This is super cool. I've used mitmproxy 2.0 in my project ([http://world-of-
bits.com](http://world-of-bits.com)) to create an offline approximation of the
website. We were trying to create a digital environment for AI agents to learn
to interact with the web. The proxy captures a good amount of HTTP traffic.

------
Jonovono
Another one that I worked with and quite liked is Anyproxy
([https://github.com/alibaba/anyproxy](https://github.com/alibaba/anyproxy))

------
KORraN
Is there an easy way to set latency for chosen responses? I guess it's
possible using mitmdump with custom Python script, but maybe there is such a
feature built-in?

~~~
mhils
Not yet, although this would make a great fit for the new addon mechanism. :)

------
cjbprime
Neat! But certificate pinning (or rather, CA pinning) inside app binaries is
getting more common, is there any way around that with mitmproxy?

~~~
heinrichf
Is there a way around that at all without modifying the binaries ?

~~~
cjbprime
I don't expect so, I guess I'm wondering if the mitmproxy community has any
insight into what they'd do to the binaries.

~~~
tuxxy
Last time I did this, I had to reverse the binaries and remove the cert
pinning code. There are a few examples of this around the place, but it can
get fairly complex pretty quickly.

------
brian_herman
Is there any way to use this on .net applications I tried putting this in
between a business logic and web tier but I couldn't get it to work. The
things were compressed but I couldn't figure out how to enable decompression.

~~~
mhils
Decompression is usually done automatically, we also try to render some binary
application-layer protocols (e.g. protobufs). If you feel that wasn't the
case, please lodge an issue on GitHub. :)

~~~
cellularmitosis
Perhaps his Content-Encoding header was bad?

------
vincent42
Oh, congrats to the team :) Hope you are doing well max!

------
turdnagel
Is there a way to use mitmproxy with secure websockets?

