mitmproxy: Lift the veil on server-side HTTP(s) interaction
By: Ross Heflin
Date: March 8, 2018, 6 p.m.
When writing web frontends there's powerful tools for understanding backend calls made by a website (Network tab in Chrome, Firefox, Webkit'sm Dev Tools and HAR analyzers).
These are (reasonably) great for figuring out what requests a browser is making to backend servers & what came back. When dealing with server-side code its somewhat harder to see all requests made to other systems in context of what requests came into the server-side api without instrumenting your code with lots of (often incomplete) logging.
During the last 5 years, I've worked through many issues in various languages/frameworks and libraries, where the only common thread was (sometimes complex) communication with other systems over HTTP(S) by using mitmproxy.
This talk will cover a variety of use cases, demonstrating some useful capabilities of this versatile tool with minimal (if any) changes to existing code regardless of source language, server-side framework, and HTTP client used.