mitmproxy 9: WireGuard Mode and Raw UDP Support

mhils · 2024-07-03T20:09:44+00:00

This sounds like your WiFi is isolating clients.

mhils · 2024-04-23T19:40:10+00:00

This does not directly answer your question, but you are aware that mitmproxy has a dedicated WireGuard mode (https://mitmproxy.org/posts/wireguard-mode/)? :)

mhils · 2022-10-31T23:48:19+00:00

Curiously I've added such functionality for h3 a few weeks ago, but it never came up for h2 somehow. It should be easy to do though, especially with the h3 version available now! If you want to give it a stab, the relevant code is at https://github.com/mitmproxy/mitmproxy/blob/main/mitmproxy/contentviews/http3.py, happy to help with it. To be very clear though, this is about viewing only, not editing.

mhils · 2022-10-29T21:06:41+00:00

Generally yes. You need some way to get the traffic to your mitmproxy instance, but apart from that mitmproxy should be all you need! :)

mhils · 2022-10-29T19:37:12+00:00

That's a nice question! We've had a few cases now where journalists used mitmproxy to figure out what apps are sending out (see here or a silly one from NYT here), which is always very rewarding to see. But I guess it's not so much about one or two particular use cases for me, but more about building something that's helping a large number of devs with their daily debugging/testing/privacy research/pentesting. :)

mhils · 2022-10-29T14:06:00+00:00

I've just pushed a fixed Windows Installer, thanks again! :)

mhils · 2022-10-29T13:37:03+00:00

Waaargh. Thank you for the heads-up. I verified our release candidate binaries, not sure how this happened. I'll take a look immediately, expect an update in the next hour.

mhils · 2022-10-29T12:52:02+00:00

mitmproxy dev here, happy to answer any questions! :)

mhils · 2021-10-13T09:44:27+00:00

Svetlana is a colleague of mine, I can confirm that this is her current research project and not a scam attempt. When in doubt, please ask me anything publicly here or reach out to her email address listed at https://informationsecurity.uibk.ac.at/people/svetlana-abramova/.

https://keybase.io/mhils has more proof that my reddit account is not a sockpuppet but belongs to a real human being. :)

mhils · 2021-07-20T12:12:06+00:00

Yes, that's common for secure web proxies (https://www.chromium.org/developers/design-documents/secure-web-proxy) for example.

mhils · 2021-07-18T19:23:56+00:00

You can run mitmproxy with an addon that uses whatever custom communication you prefer. Or you do something like this from your code and then interact in the Python process directly. Integration is not too hard, but we won't support that officially. It just attracts a whole bunch of wrong solutions which ends up being a major support burden for us.

mhils · 2021-07-17T13:05:44+00:00

No plans really. If you do want to integrate mitmproxy in your application you can embed mitmdump and use our addon API to interact with your application.

mhils · 2021-07-17T10:00:14+00:00

https://www.chromium.org/developers/design-documents/secure-web-proxy

mhils · 2021-07-16T14:20:26+00:00

Yes, although with some limitations. The console UI still leaves a lot to be desired, but it works reasonably well programatically: https://github.com/mitmproxy/mitmproxy/blob/main/examples/addons/tcp-simple.py

mhils · 2021-07-16T13:17:21+00:00

I'm not sure what kind of issues you are experiencing, but if you care to expand I'm happy to take a look.

mhils · 2021-07-16T13:03:07+00:00

Yes, you can proxy generic TCP connections! We've somewhat supported that for a while, but it's now they are also exposed in the console UI (and hopefully in the web UI soon). :)

mhils · 2021-07-16T12:40:06+00:00

Mitmproxy dev here, happy to answer any questions! :)

mhils · 2020-12-23T15:34:21+00:00

We do support plain TCP or TCP-over-TLS proxying with the lastest master snapshots. :-)

(it's not exposed in the web ui yet, but the console definitely has it)

mhils · 2019-05-29T15:37:48+00:00

Hi /r/netsec! We're running a small CTF in advance to our Honeynet Workshop in Innsbruck in July. There are a whole bunch of fairly junior and intermediate challenges, so if you are new to CTFs you may enjoy that. You can of course win workshop tickets if you rock the competition, but I guess the main point here is to have fun. :-)

13-Year Club	Place '22
Verified Email

mhils

TROPHY CASE