5 comments

[ 2.1 ms ] story [ 27.0 ms ] thread
Author here.

MITMProxy is a tool I reach for when I need to know what requests and responses something is making.

I was introduced to it when tracing bugs between a docker client and non-api conforming docker registry. But since then I find myself reaching for it whenever I want to see the https requests something I am running is making. It's a bit of a pain to the CA, so I thought I would document the steps, including how to man in the middle requests of a docker container you are running.

I know some people reach for Wireshark to look at network requests, but I've never really mastered Wireshark. mitmproxy has a very intuitive UI and is excellant if you just interested in http and https requests.

Have you ever tried HTTP Toolkit? See https://httptoolkit.tech/ (disclaimer: I'm the author)

It quite a few features on top of the core MITM functionality, like automated setup for a bunch of use cases like browsers & Android interception (not Docker, yet, but it's coming!). If you're an avid mitmproxy user I'd love to know what you think.

Very cool. I'll check it out! It does look easier to setup. Does it work the same way? By adding a trusted CA into the keychain list?

The docker use-case is tricky, as images are immutable so you have to basically create a new image with the cert in place.

Sort of: it generates a certificate, and you _can_ add it to the keychain just like mitmproxy etc, but by default it avoids doing that, because you don't need to globally trust the CA cert for most use cases, and avoiding doing so if you can is nice for security (more details: https://httptoolkit.tech/blog/debugging-https-without-global...).

Instead, it injects the certificate & proxy settings manually into intercepted targets as it launches them. So you can intercept a single Chrome window or all processes launched from a single terminal window without affecting any of the rest of your system.

Interesting! I can see why that might be a better model for the places it can work.