How mitmproxy works
|Richard Harris in Programming Thursday, May 16, 2013|
Aldo Cortesi started work on mitmproxy because he was frustrated with the available interception tools. He had a long list of minor complaints - they were insufficiently flexible, not programmable enough, mostly written in Java (a language I don't enjoy), and so forth. The most serious problem, though, was opacity. The best tools were all closed source and commercial. SSL interception is a complicated and delicate process, and after a certain point, not understanding precisely what your proxy is doing just doesn't fly.
His posts (link below) is now part of the official documentation of mitmproxy. It's a detailed description of mitmproxy's interception process, and is more or less the overview document that he wished he had when starting his first project. Proceed by example, is the simplest unencrypted explicit proxying, and working up to the most complicated interaction - transparent proxying of SSL-protected traffic1 in the presence of SNI.
Read more: http://corte.si/posts/code/mitmproxy/howitworks/in...