mitmweb
Inspect and modify HTTP/HTTPS traffic
TLDR
Start mitmweb with default settings
Start mitmweb bound to a custom address and port
Start mitmweb using a script to process traffic
SYNOPSIS
mitmweb [options] [script]
PARAMETERS
-h, --help
Show help message and exit.
-v, --version
Show program's version number and exit.
-p PORT, --port PORT
Port to listen on. Defaults to 8081.
--anticache
Add anti-cache headers to all responses.
--certs CERTSTORE_DIRECTORY
Location of the certificate store.
--no-http2
Disable HTTP/2 support.
--no-http3
Disable HTTP/3 support.
--ssl-insecure
Disable SSL certificate validation (not recommended).
--upstream-proxy PROXY_SPEC
Specify an upstream proxy server in the form proto://[user:pass@]host:port.
--mode MODE
Set the interception mode (regular, transparent, socks5, reverse:SPEC).
[script]
Path to a mitmproxy script file.
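An added example (not from this page or the mitmproxy project) of a script that can be passed as [script]: a passive addon that flags HTTPS responses missing common security headers and cookies set without Secure, HttpOnly or SameSite. The header list, the function and class names, and the use of Python's standard logging for output are assumptions chosen for illustration.

```python
"""Passive mitmproxy addon: flag weak security headers and cookie flags."""
import logging

# Headers a hardened HTTPS site is expected to send (constructed list, adjust to policy).
EXPECTED_HEADERS = ("strict-transport-security", "x-content-type-options",
                    "content-security-policy")


def audit_cookie(set_cookie: str) -> list[str]:
    """Return one finding per protective attribute missing from a Set-Cookie value."""
    parts = [p.strip() for p in set_cookie.split(";")]
    name = parts[0].split("=", 1)[0]
    attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
    return [f"cookie {name!r} lacks {flag}"
            for flag in ("Secure", "HttpOnly", "SameSite")
            if flag.lower() not in attrs]


def audit_response(scheme: str, headers, set_cookies: list[str]) -> list[str]:
    """Pure check (no proxy needed): headers is any mapping of header names."""
    present = {name.lower() for name in headers}
    findings = []
    if scheme == "https":  # HSTS and friends only make sense over TLS
        findings += [f"missing header {h}" for h in EXPECTED_HEADERS
                     if h not in present]
    for value in set_cookies:
        findings += audit_cookie(value)
    return findings


class HeaderAudit:
    """Hypothetical addon name; mitmproxy calls response() for each HTTP response."""

    def response(self, flow) -> None:
        headers = flow.response.headers
        # get_all() returns every Set-Cookie header, not just the first one.
        findings = audit_response(flow.request.scheme, headers,
                                  headers.get_all("set-cookie"))
        for finding in findings:
            logging.warning("%s: %s", flow.request.pretty_url, finding)


# mitmproxy looks for this module-level list when it loads a script.
addons = [HeaderAudit()]
```

The addon only reads flows and never modifies them; findings are emitted as warnings through Python's logging module.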
DESCRIPTION
mitmweb is an interactive web interface for mitmproxy, an SSL-capable man-in-the-middle proxy. It allows you to intercept, inspect, modify, and replay HTTP/1, HTTP/2, HTTP/3, WebSocket, and other SSL/TLS traffic. Its browser-based interface lets you view intercepted traffic, filter requests and responses, edit traffic details, and perform other advanced debugging and security testing tasks. Think of it as a powerful web debugging proxy with a convenient browser-based user interface. mitmweb is commonly used by developers, security researchers, and network administrators to analyze network traffic, debug web applications, and test security vulnerabilities.
By default, mitmweb stores all captured flows in memory, resulting in data loss on termination. To persistently store data, configure flow storage to disk.
CAVEATS
Using mitmweb with --ssl-insecure disables SSL certificate validation for the upstream servers mitmweb connects to, which can expose you to man-in-the-middle attacks between the proxy and the real server. Only use this option in trusted environments or for testing purposes.
WEB INTERFACE OVERVIEW
The web interface provides a flow list, a detail view for individual flows, and options for filtering, modifying, and replaying traffic.
The flow list provides a summary of all captured HTTP flows. Clicking on a flow in the list will display the detailed request and response information.
The detail view allows you to inspect the request and response headers, content, and other metadata. You can also modify the request or response and replay the flow to test different scenarios.
HISTORY
mitmweb is part of the mitmproxy suite, a project that has evolved from simple proxy tools to a comprehensive platform for analyzing and manipulating network traffic. It addresses the need for a user-friendly interface to manage and visualize the data captured by mitmproxy, enabling easier debugging and analysis of web applications.