A MITM Proxy Written in Rust đŸĻ€! Toolkit for HTTP/1, HTTP/2, and WebSockets with SSL/TLS Capabilities. Learning Project.

Overview

Man In The Middle Proxy

Rust GitHub GitHub last commit GitHub top language

Description

Rust-based Man in the Middle proxy, an early-stage project aimed at providing visibility into network traffic. Currently, it displays both HTTP and HTTPS requests and responses, but our future goal is to allow for manipulation of the traffic for more advanced use cases.

Cast

Features

  • 🔐 HTTP / HTTP(s)
  • 🖱ī¸ Gui
  • ⌨ī¸ Possibility of choosing a customised address and listening port
  • 🔍 Details for each request and response
  • đŸŽ¯ Filtering the list of requests by method
  • ❌ Deleting a single request from the list
  • đŸšĢ Clear all requests and clean the table
  • 🌌 Dark / light theme

Getting Started

  1. Generate a Certificate:
  • go to ~proxyapi/src/ca/
  • start generation with following terminal command: openssl req -x509 -newkey rsa:4096 -keyout mitmproxy.key -out mitmproxy.cer -sha256 -days 700000 -nodes
  • You can just hit Enter to accept default options but keep in mind to add at least a common name

  1. Install .cer file locally and trust it.
  1. Configure your local system proxy on 127.0.0.1:8100.

Documentation and Help

If you have questions on how to use Man In The Middle Proxy, please use GitHub Discussions! GitHub Discussions

Contributing

Contributions are always welcome!

See contributing.md for ways to get started.

Please adhere to this project's code of conduct.

Licenses

See LICENSE-APACHE, LICENSE-MIT for details

Screenshots

Input of Listening Address

Mitm proxy Screenshot 1 Mitm proxy Screenshot 1

Requests List

Mitm proxy Screenshot 2 Mitm proxy Screenshot 2

Request and Response Details

Mitm proxy Screenshot 3 Mitm proxy Screenshot 3

Comments
  • Allow proxying for other devices in the same network

    Allow proxying for other devices in the same network

    Is your feature request related to a problem? Please describe. No.

    Describe the solution you'd like The proxy listens on 127.0.0.1, which only allows connections from localhost. I want to use the proxy for other devices in the network.

    enhancement good first issue 
    opened by yuankunzhang 9
  • custom certificate

    custom certificate

    It might be a good idea to allow the user to select a cert to use instead of providing a CA that needs to be trusted by the system. This would allow users to take advantage of something like mkcert for local use in a more flexible way.

    enhancement good first issue 
    opened by emanuele-em 7
  • Implement filtering requests by method

    Implement filtering requests by method

    Hello! My name is Marcel and I'm a recent Bachelor's graduate and Rust enthusiast đŸĻ€. I saw your posting on TWIR Call for Participation, and it seemed like a perfect avenue for my first open source contribution, closes #6.

    https://user-images.githubusercontent.com/45983298/220324277-61a83201-38bc-4835-bc17-cf89d73c905b.mov

    I did my best to maintain the existing inline style of the code, and no keep the filter minimally intrusive visually. Please let me know if there's anything you'd like me to change :)

    opened by MMukundi 2
  • add button for deleting request

    add button for deleting request

    Should solve: #8 The commit adds an extra button per request that let's the user remove the request.

    A couple things: Because the rows per request are generated by iterating over the vector of MitmProxy.requests and we want to remove an entry from that vector while iterating over it, I had to copy the vector and iterate over the copy so that I could change the MitmProxy.requests freely. Not sure if this is the best approach, but works as of now.

    Also the order of how the different panels and columns are rendered had to be changed because otherwise render_right_panel would cause an index out of bounds error if a request got deleted in the call to self.table_ui beforehand. That's because it would try to render the right panel for a request that was deleted. Maybe we could also do it like this to make sure that every call to self.render_right_panel() always has the latest version of self.requests:

    ui.columns(2, |columns| {
                ScrollArea::both()
                    .id_source("requests_table")
                    .show(&mut columns[0], |ui| self.table_ui(ui));
    
                if let Some(i) = self.state.selected_request {
                    ScrollArea::vertical()
                        .id_source("request_details")
                        .show(&mut columns[1], |ui| {
                            self.render_right_panel(ui, i);
                        });
                }
            })
    

    But then the sizing of the columns looks weird when start up of the application.

    Let me know what you think.

    enhancement 
    opened by phillyphil91 1
  • Usability Upgrade - Communication between GUI and API with type consistency

    Usability Upgrade - Communication between GUI and API with type consistency

    Due to me and my initial laziness all communications between API and eGUI are done trough String in the following way: 1. Api Structs types -> 2. Convert all fields to String (even in twisted ways) -> 3. Output Struct (of String) -> 4. Send Output Struct via Thread channel to eGUI -> 5. eGui Receives Output Struct -> 6. eGui convert it to a new Requests struct (of String) in order to print it correctly.

    It Sucks.

    The goal is to avoid string conversion and if possible make order and consistency between API types and eGUI types in this way: 1. API Structs types -> 2. send that type via Channel -> 3. eGui Receives the structs and print it directly

    help wanted Idiomatic stuffs 
    opened by emanuele-em 1
  • Implement Request/Response Type Consistency

    Implement Request/Response Type Consistency

    Closes #20. While visual changes were, by design, kept to a minimum, one that fell into place is a display of the actual body bytes of the requests and responses feature:type-consistency

    This could easily be expanded upon later, implementing decompression and interpreting the data in several ways (e.g. utf-8 vs png)

    opened by MMukundi 0
  • Crash when clear the list if a request is selected

    Crash when clear the list if a request is selected

    Describe the bug The App crashes if you clear the requests list if a request is selected

    To Reproduce Steps to reproduce the behavior:

    1. wait for some requests
    2. Click on 🔍 button on a request
    3. Click on đŸšĢ button (clear button) in the top bar
    4. Crash

    Expected behavior When we clear the list we expected that the selection to be removed

    Resolution Best solution imho is to manage differently the selection with the state struct, with a state struct we can add an <Option> field called "selected", before clearing the list we can set that field as None. This is only the first solution that came to my mind but I think that it's could be good, I am however open to different and better solutions

    bug good first issue 
    opened by emanuele-em 0
  • Rename your repository to respect gender-neutral phraseology.

    Rename your repository to respect gender-neutral phraseology.

    Per issue #10 (https://github.com/emanuele-em/man-in-the-middle-proxy/issues/10), the repository should not use gendered language for naming the capabilities of this codebase. Rename this to something resembling machine-in-the-middle-proxy.

    opened by ebelliveau 0
  • Make order with constants and hard coded parts

    Make order with constants and hard coded parts

    some parts are hardcoded to fix different and stupid bugs. It could be a good idea to store all numerical variables in idiomatic const to put in main.rs file:

    • offsets
    • dinstances
    • paddings
    • etc...
    enhancement good first issue Idiomatic stuffs 
    opened by emanuele-em 0
  • pause and play the request

    pause and play the request

    Is your feature request related to a problem? Please describe. add a toggle button (pause / play) in the bottom panel that allow to temporary stop the listening

    Describe the solution you'd like it should only stop the "append to vec" action

    enhancement good first issue 
    opened by emanuele-em 0
  • add different colors for different request method

    add different colors for different request method

    Description add different colors for different request method, the color should be only the background of the method and not the background of the entire row

    good first issue GUI 
    opened by emanuele-em 0
Releases(v0.1.5)
Owner
null
Lightweight, event-driven WebSockets for Rust.

WS-RS Lightweight, event-driven WebSockets for Rust. /// A WebSocket echo server listen("127.0.0.1:3012", |out| { move |msg| { out.send(ms

Jason Housley 1.3k Jan 8, 2023
Synchronized state machines for Rust over WebSockets.

Aper is a framework for real-time sharing of application state over WebSockets.

null 191 Dec 20, 2022
Rust + wasm + websockets

This is a template repo for eframe, a framework for writing apps using egui.

Emil Ernerfeldt 12 Oct 3, 2022
Composable WebSockets made easy, for Rust đŸĻ€

ezsockets Have you ever struggle with creating a WebSocket server or a client in Rust? This crate is for you. High level abstraction of WebSocket, han

Grzegorz Baranski 55 Dec 30, 2022
Rust API connector for Bybit's WebSockets APIs.

rust-bybit English | įŽ€äŊ“中文 Unofficial Rust API connector for Bybit's WebSockets APIs. Disclaimer This is an unofficial Rust API connector for Bybit's A

yufuquant 12 Nov 12, 2022
Command-line client for WebSockets, like netcat (or curl) for ws:// with advanced socat-like functions

websocat Netcat, curl and socat for WebSockets. Examples Connect to public echo server $ websocat ws://echo.websocket.org 123 123 ABC ABC Serve and c

Vitaly Shukela 5k Jan 4, 2023
😎 A custom invoke system for Tauri that leverages WebSockets

?? tauri-awesome-rpc This is a crate provides a custom invoke system for Tauri using a localhost JSON RPC WebSocket. Each message is delivered through

Victor Aremu 20 Dec 2, 2022
WebSocket-to-HTTP reverse proxy

websocket-bridge This is a simple reverse proxy server which accepts WebSocket connections and forwards any incoming frames to backend HTTP server(s)

Fermyon 5 Dec 21, 2022
A simple toy websocket client to connect to Bitstamp.net and print the live order book written in Rust.

A simple toy websocket client to connect to Bitstamp.net and print the live order book written in Rust.

Nate Houk 1 Feb 14, 2022
A WebSocket (RFC6455) library written in Rust

Rust-WebSocket Note: Maintainership of this project is slugglish. You may want to use tungstenite or tokio-tungstenite instead. Rust-WebSocket is a We

Rust Websockets 1.3k Jan 6, 2023
A WebSocket (RFC6455) library written in Rust

Rust-WebSocket Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. Rust-WebSocket provides a framework for dealing with WebSocket connect

Jason N 19 Aug 22, 2022
A webserver and websocket pair to stop your viewers from spamming !np and "what's the song?" all the time.

spotify-np ?? spotify-np is a Rust-based local webserver inspired by l3lackShark's gosumemory application, but the catch is that it's for Spotify! ??

Noire 2 Aug 27, 2022
ChatApp made using the standard library net module and tui-rs.

chatui Simple chat application. You'll need both chatui_server and chatui_client to run this application. Installation With cargo cargo install chatui

Gauravsingh Sisodia 6 Dec 15, 2021
SockJS server for rust language

SockJS server SockJS server for Actix framework. API Documentation Cargo package: sockjs SockJS is built with Actix web Minimum supported Rust version

Actix 63 Oct 7, 2022
Lightweight stream-based WebSocket implementation for Rust.

Tungstenite Lightweight stream-based WebSocket implementation for Rust. use std::net::TcpListener; use std::thread::spawn; use tungstenite::server::ac

Snapview GmbH 1.3k Jan 2, 2023
A very-very simple url shortener for Rust

urlshortener-rs A very simple urlshortener for Rust. This library aims to implement as much URL shortener services as possible and to provide an inter

Victor Polevoy 39 Nov 20, 2022
An aria2 websocket jsonrpc in Rust.

aria2-ws An aria2 websocket jsonrpc in Rust. Built with tokio. Docs.rs aria2 RPC docs Features Almost all methods and structed responses Auto reconnec

null 8 Sep 7, 2022
Hudsucker is a MITM HTTP/S proxy written in Rust.

hudsucker Hudsucker is a MITM HTTP/S proxy written in Rust. Features Modify HTTP/S requests Modify HTTP/S responses Modify websocket messages Usage Fo

null 86 Dec 25, 2022
Rust TLS/SSL certificate expiration date from command-line checker

Rust TLS/SSL certificate expiration date from command-line checker

Jose Bovet Derpich 9 Nov 9, 2022
OpenSSL compatibility layer for the Rust SSL/TLS stack

An OpenSSL compatibility layer for the Rust SSL/TLS stack. MesaLink is an OpenSSL compatibility layer for the Rust SSL/TLS stack, namely rustls, webpk

MesaLock Linux 1.5k Dec 23, 2022