-
mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
-
MagiskTrustUserCerts
A Magisk/KernelSU module that automatically adds user certificates to the system root CA store
-
ndbproxy
A proxy/bridge that runs between a Node.JS debug server and a Chromium devtools client and adds some additional features.
I've been looking to use mitmproxy to capture traffic in a project, but the serialization format is something called TNetStrings [1], which postfixes types and is thus not serializable. There seem to be some efforts to switch flow captures to use SQLite [2] or Protobuf [3], although PCAP would also be nice, I think.
[1] https://tnetstrings.info/
[2] https://github.com/mitmproxy/mitmproxy/issues/3075
[3] https://github.com/mitmproxy/mitmproxy/pull/3232
I recently used it to modify the response from the replay server for an autobattler game, to let me watch arbitrary replays for theory-crafting and just general fun. The game is called Super Auto Pets; here's the code with the mitmproxy extension: https://github.com/bspammer/super-auto-pets
This is true: by default, Android apps do not trust user-installed certificate authorities. IMO the easiest solution if you're doing security testing on a dedicated device is MagiskTrustUserCerts [1]. If you're not testing on a dedicated device or you don't want to root the device, I'd recommend using the objection [2] tool, which has a guided mode for patching an APK, and you can modify the manifest to add your CA or to trust all user-installed CAs.
[1]: https://github.com/NVISOsecurity/MagiskTrustUserCerts
[2]: https://github.com/sensepost/objection/wiki/Patching-Android...
There’s an addon that supports PCAP files [0]. It works quite well in my experience.
[0] https://github.com/muzuiget/mitmpcap
I was reverse engineering my microwave a few years ago and couldn't MITM on XMPP because of the TLS so I used a jailbroken iPhone and was able to "swizzle" the Objective-C methods to log the data at a method right before encryption started. Fun.
There was another XMPP MITM I could have used, but I think I was already invested in figuring out the first idea before I learned of the simpler, existing way:
https://github.com/BrianHenryIE/XMPPFrameworkLogger
https://github.com/iamultra/xmppmitm
Mitmproxy is so much fun. I used it recently to inspect the traffic between a `node --inspect` process and the Chrome devtools. I then used my understanding to "fix" a few things that annoyed me about the node debugging workflow - like how each time the debug server starts, it has a unique URL that you need to manually attach to in the debugger. It's very hacky but it works for my needs.
https://github.com/b0o/ndbproxy
FWIW: I'm building something in Go (https://github.com/dstotijn/hetty). But it's pretty early stage and not even near the feature set that mitmproxy or Burp Suite has. Also, I wouldn't dare say it's more efficient (yet!). But Go has been great so far to build it.
As mentioned elsewhere: (dev friendly) extensibility/add-ons with Go will be an interesting challenge. Haven't looked into it yet.