mitmproxy cheatsheet
[mitmproxy](https://mitmproxy.org/) is a free and open source interactive HTTPS proxy. This is a quick reference cheat sheet to the mitmproxy.
#Getting stared
#Usage
Option | Example | Description |
---|---|---|
-p | mitmproxy -p 8001 | Start proxy on port 8001 |
-m | mitmproxy -p 8001 -m reverse:http://127.0.0.1:4000 | Reverse proxy on port 8001 to port 4000 |
-w | mitmproxy -p 8001 -w traffic.mitm | Stream flows to file as they arrive |
-r | mitmproxy -r traffic.mitm | Read flows from file |
-C | mitmproxy -C traffic.mitm | Replay client requests from a saved file |
-S | mitmproxy -S traffic.mitm | Replay server responses from a saved file |
-s | mitmproxy -s myScript.py | Execute a script |
-h | mitmproxy -h | mitmproxy quick help |
#Movement
k Ctrl b
▲ ▲▲
│ ││
h ◀ ─── + ─── ▶ l ││ page
│ ││
▼ ▼▼
j Ctrl f / Space
- | - |
---|---|
h , j , k ,l | Left, Down, Up, Right |
Ctrl b | Page up |
Space / Ctrl f | Page down |
g / G | Go to beginning / end |
Arrows | Up, Down, Left, Right |
#Common Keybindings
- | - |
---|---|
q | Back / Exit |
z | Clear flow list |
: | Command prompt |
E | View event log |
O | View options |
r | Replay this flow |
Tab | Next |
Enter | Select |
#Global Keybindings
- | - |
---|---|
- | Cycle to next layout |
? | View help |
B | Start an attached browser |
C | View commands |
I | Toggle intercept |
K | View key bindings |
P | View flow details |
Q | Exit immediately |
W | Stream to file |
i | Set intercept |
Ctrl right | Focus next layout pane |
Shift tab | Focus next layout pane |
#Flow (View)
- | - |
---|---|
A | Resume all intercepted flows |
D | Duplicate flow |
F | Set focus follow |
L | Load flows from file |
M | Toggle viewing marked flows |
S | Start server replay |
U | Un-set all marks |
V | Revert changes to this flow |
X | Kill this flow |
Z | Purge all flows not showing |
a | Resume this intercepted flow |
b | Save response body to file |
d | Delete flow from view |
e | Export this flow to file |
f | Set view filter |
m | Toggle mark on this flow |
n | Create a new flow |
o | Set flow list order |
r | Replay this flow |
v | Reverse flow list order |
w | Save listed flows to file |
| | Run a script on this flow |
Ctrl l | Send cuts to clipboard |
{.shortcuts}
#Filter
#Filter
- | - |
---|---|
f | Set view filter (on flow view page) |
- RegEX cheatsheet(quickref.me)
The regex are Python-style, it can be specified as quoted strings
#Operators
- | - |
---|---|
! | unary not |
& | and |
| | or |
(...) | grouping |
#Expressions
- | - |
---|---|
~a | Match asset in response: CSS, Javascript, Flash, images. |
~b regex | Body |
~bq regex | Request body |
~bs regex | Response body |
~c int | HTTP response code |
~d regex | Domain |
~dst regex | Match destination address |
~e | Match error |
~h regex | Header |
~hq regex | Request header |
~hs regex | Response header |
~http | Match HTTP flows |
~m regex | Method |
~marked | Match marked flows |
~q | Match request with no response |
~s | Match response |
~src regex | Match source address |
~t regex | Content-type header |
~tcp | Match TCP flows |
~tq regex | Request Content-Type header |
~ts regex | Response Content-Type header |
~u regex | URL |
~websocket | Match WebSocket flows (and HTTP-WebSocket handshake flows) |
#Flow selectors
Expressions
| - | - |
|--------------|----------------------------|
| @all
| All flows |
| @focus
| The currently focused flow |
| @shown
| All flows currently shown |
| @hidden
| All flows currently hidden |
| @marked
| All marked flows |
| @unmarked
| All unmarked flows |
mitmproxy has a set of convenient flow selectors that operate on the current view
#Examples
URL containing "google.com"
google\.com
Requests whose body contains the string "test"
~q ~b test
Anything but requests with a text/html content type:
!(~q & ~t "text/html")
Replace entire GET string in a request (quotes required to make it work):
":~q ~m GET:.*:/replacement.html"
#Scripts
#Custom response
from mitmproxy import http
def request(flow: http.HTTPFlow) -> None:
if flow.request.pretty_url == "http://example.com/path":
flow.response = http.HTTPResponse.make(
200, # (optional) status code
b"Hello World", # (optional) content
{"Content-Type": "text/html"} # (optional) headers
)
Send a reply from the proxy without sending any data to the remote server
#Add header
class AddHeader:
def __init__(self):
self.num = 0
def response(self, flow):
self.num = self.num + 1
flow.response.headers["count"] = str(self.num)
addons = [
AddHeader()
]
Add an HTTP header to each response
#See also
#See also
- mitmproxy addons(github.com)
- mitmproxy docs(mitmproxy.org)