mitmproxy

mitmproxy is a free, open-source interactive HTTPS proxy for analyzing, intercepting, and modifying network traffic between clients and servers. Developed by Aldo Cortesi and the mitmproxy team since 2010, it has become an indispensable tool for security researchers, penetration testers, QA engineers, and developers who need to inspect and debug HTTP and HTTPS traffic. Unlike Wireshark, which operates at the network packet level and requires deep protocol knowledge, mitmproxy works at the HTTP application layer, presenting intercepted traffic in a clean, readable, and searchable interface. The name mitmproxy stands for Man-In-The-Middle proxy, referring to the technique of positioning the proxy between the client and server to intercept and modify traffic. The project consists of three main components: mitmproxy (the interactive console-based TUI interface for terminal users), mitmweb (a web-based interface for users who prefer a browser-based workflow), and mitmdump (the command-line, non-interactive version suitable for scripting and automated testing). Key capabilities include: HTTPS interception via a custom Certificate Authority (CA) that generates on-the-fly certificates for intercepted domains, with the generated CA certificate needing to be installed and trusted on the client device; support for HTTP/1.1, HTTP/2, and HTTP/3 (QUIC) protocols; WebSocket message interception and modification; request and response modification via inline scripts or addon modules; traffic recording and replay (both client-side and server-side replay); content decoding for gzip, deflate, and brotli encoded responses; automatic JSON and XML formatting for readability; filtering and searching using a powerful filtering language; client replay for re-sending previously captured requests; and reverse proxy mode. As of 2026, mitmproxy has over 38,000 GitHub stars.