mitmproxy is an intercepting proxy that allows you to inspect and modify http requests that you send through it.
Once installed, running the mitmproxy command will put you into an ncurses interface with the proxy host and port listed in the bottom right.
Once you’ve configured your browser to use the running proxy (remembering to set it for https as well as http) you should start seeing traffic being listed.
You can browse up and down this list with the arrow keys, and view the details of any request or response by pressing enter on the item.
At the moment though SSL traffic will still be encrypted. To be able to view the request and response bodies we need to install the generated root ca certificate for the proxy. The easiest way to do this is browse to mitm.it in your configured browser, you will be returned a webpage from the proxy itself that has buttons that automate the installation for you.
Back in the mitmproxy interface, if you press the ‘i’ key, you will be prompted to enter an intercept filter. This is a part of a URL that mitmproxy will look for in requests, and will case it to halt any that match in flight, allowing you to make modifications.
When a request comes in that matches an added filter, the text will appear orange.
Pressing ‘a’ will accept the request, and then capture the response returned from the server. If you press enter, and then tab to the response details you can press ‘e’ for edit, and then ‘r’ for raw response body.
This will open the response in your systems default editor, allowing you to edit it however you like.
When you save your changes, and leave your editor you can then press ‘a’ for accept again, and your modified response will be sent back to your browser.
