api-mitmproxylisted

# mitmproxy API Security Testing ## Overview mitmproxy is an interactive, TLS-capable intercepting HTTP proxy for penetration testers and developers. It enables real-time inspection, modification, and replay of HTTP/HTTPS traffic including APIs, mobile apps, and thick clients. With support for HTTP/1, HTTP/2, HTTP/3, and WebSockets, mitmproxy provides comprehensive coverage for modern API security testing. ## Interfaces **mitmproxy** - Interactive console interface with keyboard navigation **mitmweb** - Web-based GUI for visual traffic inspection **mitmdump** - Command-line tool for automated traffic capture and scripting ## Quick Start Install and run mitmproxy: ```bash # Install via pip pip install mitmproxy # Start interactive console proxy mitmproxy # Start web interface (default: http://127.0.0.1:8081) mitmweb # Start command-line proxy with output mitmdump -w traffic.flow ``` Configure client to use proxy (default: localhost:8080) ## Core Workflows ### Workflow 1: Interactive API Traffic Inspection For manual API security testing and analysis: 1. Start mitmproxy or mitmweb: ```bash # Console interface mitmproxy --mode regular --listen-host 0.0.0.0 --listen-port 8080 # Or web interface mitmweb --mode regular --listen-host 0.0.0.0 --listen-port 8080 ``` 2. Configure target application to use proxy (HTTP: localhost:8080) 3. Install mitmproxy CA certificate on client device 4. Trigger API requests from the application 5. Intercept and inspe