An enhanced fork of mitmproxy with 31 advanced features, modern UI, and powerful traffic analysis tools.
Built for security researchers, developers, and QA engineers who need more control over network traffic.
BetterMITM includes 31 fully implemented features across 9 categories:
- Advanced Interceptor - Bidirectional interception with pause/block modes, URL pattern matching, and skip functionality
- Smart Interception Rules Engine - Visual rule builder with JSON/YAML support, priority-based execution, and complex condition matching
- Traffic Replay with Modifications - Replay requests with modifications, batch replay, and replay history
- Connection Pooling & Rate Limiting - Control connection behavior with configurable pool sizes and rate limits per domain
- Traffic Analytics Dashboard - Real-time graphs, statistics, top domains, response times, error rates with CSV/JSON export
- Flow Comparison Tool - Side-by-side flow comparison with diff highlighting, multiple flow comparison, and export reports
- Traffic Timeline Visualization - Interactive timeline showing all flows with relationships, timing, and color-coded status codes
- Performance Profiling - CPU/memory monitoring, slow operation detection, performance recommendations, and reports
- Request/Response Transformers - Pre-built and custom transformers for JSON path, headers, URL rewriting, encoding/decoding
- Scriptable Interception - JavaScript and Python scripting with full API access, debugging tools, and dynamic interception logic
- Body Editor with Syntax Highlighting - Monaco Editor integration with syntax highlighting, auto-formatting, validation, and search/replace
- Security Testing Suite - Test for SQL injection, XSS, CSRF, authentication bypass, header security, and SSL/TLS configuration
- Certificate Management - Import custom CAs, detect certificate pinning, bypass pinning, view certificate chains, and expiration warnings
- Authentication Testing Tools - Extract tokens, decode/edit JWTs, visualize OAuth flows, test token rotation, and MFA testing
- WebSocket Message Interception - Full WebSocket support with message interception, modification, injection, filtering, and replay
- gRPC/Protobuf Enhanced Support - Visual protobuf editor, import .proto files, auto-decode messages, type-safe editing, and stream handling
- HTTP/3 and QUIC Support - Full HTTP/3 interception, QUIC connection details, stream visualization, and message modification
- Customizable Dashboard - Drag-and-drop widgets, save layouts, export/import configurations with stats, charts, flow lists, and filters
- Keyboard Shortcuts & Macros - Custom shortcuts, macro recording/playback, conflict detection, and shareable macros
- Flow Bookmarks & Tags - Bookmark important flows, organize with tags, filter by tags, export bookmarked flows
- Dark Mode Auto-Switch - Follow system preference or schedule theme changes with smooth transitions between 10 beautiful themes
- Advanced Export Options - Export to Postman, Insomnia, OpenAPI/Swagger, HAR, custom templates, batch export, and scheduled exports
- API for External Tools - REST API endpoints, WebSocket API, authentication, OpenAPI docs, rate limiting, and webhook support
- Automated Testing Framework - Create test cases from flows, assertion builder, test execution, reports, and CI/CD integration
- Interactive Tutorials - Step-by-step tutorials with interactive examples, progress tracking, and contextual help
- Contextual Help System - Comprehensive help topics, search functionality, video links, and example flows
- Flow Templates - Save and reuse flow templates with variables, template library, and sharing
- Automated Response Generation - Generate mock responses based on request patterns, templates, dynamic generation, and pattern matching
- Create Request Feature - Build and send custom HTTP requests with templates, import/export, and request history
- Fake Response Creator (Mock Responses) - Actually intercepts real requests and sends fake responses instead of forwarding to the real server. Supports pattern matching (regex, exact, contains), priority-based matching, response delays, and condition-based matching with extensive customization options
- Enhanced Flow Management - Advanced filtering, sorting, search, bulk operations, and flow organization tools
Prerequisites:
- Python 3.10+
- uv (fast Python package installer) - Install uv
- Node.js 18+ (for building the web frontend)
Clone the repository:

```shell
git clone https://github.com/BetterMint/BetterMITM.git
cd BetterMITM
```

Run the setup script:

Windows:

```bat
run.bat
```

Linux/MacOS:

```shell
chmod +x run.sh
./run.sh
```
The script will automatically:
- Check for and install uv if needed
- Install Python dependencies using uv
- Check for Node.js
- Install npm dependencies
- Build the web frontend with Vite
- Start BetterMITM
Access the web interface: open the URL shown in the terminal (typically `http://127.0.0.1:8081/?token=...`) in your browser.
Configure your device/browser:
- Set proxy to `127.0.0.1:8080` (or the port shown in the terminal)
- Install the CA certificate from http://mitm.it when prompted
- Installation Guide: See the Quick Start section above
- First Steps: Open the Help tab in BetterMITM for interactive tutorials
- Feature Guides: Each feature has detailed help in the Help tab
Create complex interception rules with a visual builder or JSON/YAML configuration. Set priorities, multiple conditions, and actions (intercept, block, modify, redirect).
Example Rule (YAML):
```yaml
rules:
  - name: "Block Ads"
    priority: 100
    enabled: true
    action: block
    conditions:
      - type: url
        operator: matches
        # single-quoted: inside a double-quoted YAML scalar, \. is an invalid escape and strict parsers reject it
        value: '.*ads\..*'
```

View real-time statistics including:
- Total flows, data transfer, error rates
- Status code distribution charts
- HTTP method breakdown
- Top domains and response times
- Export data as CSV or JSON
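The rule semantics described above (priority-based execution, condition types and operators, optional case sensitivity), as an added example that is not BetterMITM's own code; the request dicts and rule names are constructed for illustration:

```python
# Added example, not BetterMITM's own code: an evaluator for the rules-engine
# semantics on this page (highest priority first, all conditions of a rule must
# hold, operators equals/contains/matches/starts_with/ends_with, case-insensitive
# by default). Requests are plain dicts standing in for a mitmproxy flow.
import re

OPERATORS = {
    "equals": lambda value, expected: value == expected,
    "contains": lambda value, expected: expected in value,
    "starts_with": lambda value, expected: value.startswith(expected),
    "ends_with": lambda value, expected: value.endswith(expected),
}

def field_value(request, cond):
    """Pick the request field a condition type refers to (url, method, domain, body, header)."""
    if cond["type"] == "header":
        return request["headers"].get(cond["name"], "")
    return str(request.get(cond["type"], ""))

def condition_matches(request, cond):
    value, expected = field_value(request, cond), cond["value"]
    case_sensitive = cond.get("case_sensitive", False)
    if cond["operator"] == "matches":
        # regex: use a flag rather than lowercasing the pattern (that would alter \D, \S, ...)
        return re.search(expected, value, 0 if case_sensitive else re.IGNORECASE) is not None
    if not case_sensitive:
        value, expected = value.lower(), expected.lower()
    return OPERATORS[cond["operator"]](value, expected)

def first_matching_rule(rules, request):
    """Priority-based execution: the enabled rule with the highest priority whose conditions all hold."""
    for rule in sorted(rules, key=lambda r: r.get("priority", 0), reverse=True):
        if rule.get("enabled", True) and all(condition_matches(request, c) for c in rule["conditions"]):
            return rule
    return None

RULES = [  # constructed sample rules; the first mirrors the page's YAML example
    {"name": "Block Ads", "priority": 100, "enabled": True, "action": "block",
     "conditions": [{"type": "url", "operator": "matches", "value": r".*ads\..*"}]},
    {"name": "Intercept API writes", "priority": 50, "enabled": True, "action": "intercept",
     "conditions": [{"type": "domain", "operator": "ends_with", "value": "example.com"},
                    {"type": "method", "operator": "equals", "value": "POST"}]},
    {"name": "Disabled catch-all", "priority": 999, "enabled": False, "action": "block",
     "conditions": [{"type": "url", "operator": "contains", "value": "/"}]},
]

def decide(request):
    # the winning rule's action, or "pass" when no enabled rule matches
    rule = first_matching_rule(RULES, request)
    return rule["action"] if rule else "pass"
```

Note that the disabled rule is skipped despite its priority of 999, and the lowercase method "post" still satisfies the "POST" condition because conditions are case-insensitive unless `case_sensitive` is set.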
Write custom JavaScript or Python scripts to control interception:
JavaScript Example:

```javascript
// Modify all requests to example.com
if (flow.request.pretty_host === "example.com") {
  flow.request.headers["X-Custom-Header"] = "Modified";
}
```

Python Example:

```python
# mitmproxy-style addon hook: runs once for every request
def request(flow):
    if "example.com" in flow.request.pretty_host:
        flow.request.headers["X-Custom-Header"] = "Modified"
```

Test your applications for common vulnerabilities:
- SQL Injection
- Cross-Site Scripting (XSS)
- CSRF Protection
- Authentication Bypass
- Header Security Analysis
- SSL/TLS Configuration
Create your own dashboard with drag-and-drop widgets:
- Statistics widgets
- Chart widgets (methods, status codes)
- Flow list widgets
- Domain list widgets
- Save and restore layouts
- Export/import dashboard configurations
- Open the Capture tab
- Enable Advanced Interceptor
- Add URL pattern: `api.example.com`
- Set mode to Pause
- When API calls are intercepted, modify them in the Flow tab
- Click Resume to continue
- Go to the Rules tab
- Click "Create Rule"
- Set name: "Block Tracking"
- Add condition: URL matches `.*tracking\..*`
- Set action: Block
- Set priority: 100
- Save and enable the rule
- Go to the Security tab
- Select a flow from the list
- Choose tests: SQL Injection, XSS, CSRF
- Click "Run Security Tests"
- Review results with severity levels and recommendations
Important: Mock responses actually intercept real requests and send fake responses instead of forwarding to the real server. This is perfect for testing applications without a backend.
- Go to the Mock tab
- Click "Create Mock Response"
- Configure:
- Name: "Fake API Response"
- URL Pattern: `.*api\.example\.com/users.*`
- Match Mode: regex (or exact/contains)
- Priority: 10 (higher = matched first)
- Status Code: 200
- Body Type: JSON
- Body: `{"users": [], "message": "This is a fake response"}`
- Headers: Add custom headers if needed
- Delay: 100ms (optional, simulates network delay)
- Conditions: Optional (method, headers, body matching)
- Enable the mock response
- Result: When any application makes a request matching the pattern, BetterMITM intercepts it and returns your fake response instead of forwarding to the real server
Advanced Customization:
- Priority: Set priority (higher = matched first when multiple mocks match)
- Match Mode: Choose regex, exact, or contains matching
- Delay: Simulate network latency (milliseconds)
- Conditions: Add conditions based on HTTP method, headers, or body content
- Enable/Disable: Toggle individual mocks on/off without deleting them
BetterMITM provides extensive customization options across all features:
- Match Mode: regex, contains, or exact URL matching
- Skip Domains: Configure domains to never intercept
- Priority System: Set interception rule priorities
- Condition Types: URL, method, header, body, status code, domain
- Operators: equals, contains, matches (regex), starts_with, ends_with
- Case Sensitivity: Toggle case-sensitive matching
- Priority-Based Execution: Higher priority rules execute first
- Per-Domain Configuration: JSON-based rate limit configs
- Connection Pooling: Per-domain pool size configuration
- Throttling: Per-domain delay configuration
- Execution Order: Before, after, or replace (stop chain)
- Timeout & Retry: Configure timeouts and retry logic
- Conditional Application: Apply only if conditions match
- Priority System: Control transformer execution order
- Execution Timeout: Maximum script execution time
- Memory Limit: Set memory limits for scripts
- Error Handling: Continue, stop, or retry on error
- Hot Reload: Automatically reload scripts on changes
- Test Timeout: Configure timeout per test (5-300 seconds)
- Concurrent Tests: Number of parallel tests (1-20)
- Severity Filter: Filter results by severity level
- Custom Payloads: Add custom test payloads
- Stop on First Vulnerability: Halt when first issue found
- Refresh Interval: Auto-refresh rate (1-60 seconds)
- Time Range: Select time window for analytics
- Export Options: CSV/JSON export with filters
- Color Schemes: By status code, HTTP method, or domain
- Filters: Domain, method, status code, min duration
- Zoom Control: Adjust timeline zoom (0.5x to 5x)
- Show Relationships: Toggle flow relationship visualization
- Diff Algorithm: Semantic, character-based, or word-based
- Context Lines: Number of context lines around differences
- Ignore Options: Whitespace and case-insensitive comparison
- Compare Modes: Side-by-side, unified, or diff-only
- Batch Replay: Replay multiple times with intervals
- Transformation Scripts: JavaScript transformations during replay
- Replay Count: Set number of replays (1-100)
- Replay Interval: Delay between batch replays
- Go to the Dashboard tab
- Click "+ Stats" to add a statistics widget
- Click "+ Methods" to add an HTTP methods chart
- Drag widgets to reposition
- Resize widgets by dragging corners
- Click "Save" to persist your layout
BetterMITM includes 10 beautiful themes:
- 🌞 Light - Clean, bright interface
- 🌙 Dark - Easy on the eyes
- 🔵 Blue - Professional blue theme
- 🟣 Purple - Modern purple accent
- 🟢 Green - Fresh green theme
- 🔴 Red - Bold red theme
- 🟠 Orange - Warm orange theme
- 💻 Cyber - Futuristic cyber theme
- 🌃 Midnight - Deep dark theme
- 🌊 Ocean - Calming ocean theme
Click the Theme button in the top-right to switch themes. Enable auto-switch to follow your system's dark mode preference.
- Ctrl+1 - Switch to Capture tab
- Ctrl+2 - Switch to Flow List tab
- Ctrl+3 - Switch to Analytics tab
- Ctrl+4 - Switch to Tools tab
- Ctrl+K - Open keyboard shortcuts
- Enter - View selected flow details
- R - Replay selected flow
- D - Duplicate flow
- Delete - Delete selected flow(s)
- B - Bookmark selected flow
- T - Add tag to selected flow
- I - Toggle interception for selected flow
- P - Pause/Resume intercepted flow
- M - Modify intercepted flow
See the Help tab for a complete list of keyboard shortcuts.
Mock responses actually intercept real requests and send fake responses instead of forwarding to the real server. This is perfect for:
- Testing applications without a backend
- Simulating API responses
- Testing error scenarios
- Development without network dependencies
Key Features:
- Real Interception: Actually blocks real requests and sends fake responses
- Pattern Matching: Supports regex, exact, and contains matching
- Priority System: Higher priority mocks are matched first
- Response Delays: Simulate network latency
- Condition Matching: Match based on HTTP method, headers, or body
- Enable/Disable: Toggle mocks without deleting them
Backend Configuration: The mock responses addon supports configuration via command-line options:
- `mock_responses_enabled`: Enable/disable globally
- `mock_responses_match_mode`: Default match mode (regex, exact, contains)
- `mock_responses_priority_order`: How to order mocks (first, priority, last)
- `mock_responses_block_real`: Block real requests when mock is active (default: true)
- `mock_responses_log`: Log interceptions (default: true)
Example Use Case:
Create a mock that intercepts all requests to api.example.com and returns a fake 200 response:
- Pattern: `.*api\.example\.com/.*`
- Match Mode: regex
- Priority: 10
- Status: 200
- Body: `{"message": "Fake response", "data": []}`
When your application makes requests to api.example.com, BetterMITM intercepts them and returns your fake response instead of forwarding to the real server.
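The mock selection described above (regex/exact/contains match modes, the first/priority/last ordering of `mock_responses_priority_order`, method and header conditions, response delay), as an added example that is not BetterMITM's own addon code; the mock definitions and request dicts are constructed, and in a real mitmproxy addon the same selection would run in the `request()` hook and assign `flow.response`:

```python
# Added example, not BetterMITM's own addon code: the mock-response selection
# the page describes (regex/exact/contains match modes, priority_order first/
# priority/last, method and header conditions) over plain-dict requests, so it
# runs offline. In a real addon this would run in request() and set flow.response.
import json
import re

MATCHERS = {
    "regex": lambda pattern, url: re.search(pattern, url) is not None,
    "exact": lambda pattern, url: url == pattern,
    "contains": lambda pattern, url: pattern in url,
}

def conditions_match(mock, request):
    cond = mock.get("conditions", {})
    if "method" in cond and request["method"].upper() != cond["method"].upper():
        return False
    # every required header must be present with exactly the expected value
    return all(request["headers"].get(k) == v for k, v in cond.get("headers", {}).items())

def select_mock(mocks, request, priority_order="priority"):
    """Return the enabled mock that answers this request, or None."""
    hits = [m for m in mocks if m.get("enabled", True)
            and MATCHERS[m.get("match_mode", "regex")](m["pattern"], request["url"])
            and conditions_match(m, request)]
    if not hits:
        return None
    if priority_order == "first":   # first defined mock wins
        return hits[0]
    if priority_order == "last":    # last defined mock wins
        return hits[-1]
    return max(hits, key=lambda m: m.get("priority", 0))  # higher priority first

def build_response(mock):
    """(status, headers, body, delay_ms) for the fake response; JSON bodies are serialized."""
    body, headers = mock["body"], dict(mock.get("headers", {}))
    if mock.get("body_type") == "JSON":
        body = json.dumps(body)
        headers.setdefault("Content-Type", "application/json")
    return mock.get("status", 200), headers, body, mock.get("delay_ms", 0)

MOCKS = [  # constructed sample mocks mirroring the page's use case
    {"name": "All API", "pattern": r".*api\.example\.com/.*", "match_mode": "regex",
     "priority": 10, "status": 200, "body_type": "JSON",
     "body": {"message": "Fake response", "data": []}},
    {"name": "Users outage", "pattern": "api.example.com/users", "match_mode": "contains",
     "priority": 20, "status": 500, "body_type": "JSON", "delay_ms": 100,
     "conditions": {"method": "GET"}, "body": {"error": "simulated outage"}},
]
```

With the default priority order a GET to /users gets the higher-priority outage mock, while a POST to the same URL fails its method condition and falls through to the general API mock.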
BetterMITM provides a REST API for external tool integration:
```shell
# Get all flows
curl http://127.0.0.1:8081/api/flows
# Get flow by ID
curl http://127.0.0.1:8081/api/flows/{flow_id}
# Replay flow
curl -X POST http://127.0.0.1:8081/api/flows/{flow_id}/replay
```

See the Help tab for complete API documentation.
Export flows to various formats:
- Postman - Postman Collection v2.1
- Insomnia - Insomnia export format
- OpenAPI/Swagger - OpenAPI 3.0 specification
- HAR - HTTP Archive format
- JSON - Custom JSON format
- CSV - Comma-separated values
Create custom transformers using JavaScript or Python:
```javascript
// Example: Add custom header to all requests
function transformRequest(flow) {
  flow.request.headers["X-Custom-Header"] = "Value";
  return flow;
}
```

We welcome contributions! See CONTRIBUTING.md for guidelines.
Areas where we'd love help:
- 🐛 Bug fixes
- ✨ New features
- 📝 Documentation improvements
- 🎨 UI/UX enhancements
- 🧪 Testing
- 🌐 Translations
- Discord: Join our Discord server for support, discussions, and updates
- GitHub Issues: Report bugs or request features
- Documentation: Check the Help tab in BetterMITM for detailed guides
All 31 planned features have been implemented! We're always open to new feature suggestions.
Check out our FEATURE_IDEAS.md for ideas and planned enhancements.
- Web Interface Focus: BetterMITM is optimized for the web interface (mitmweb). Advanced features work best in the browser.
- Educational Use: This tool is for educational purposes, security research, and testing your own applications.
- Certificate Installation: You must install the CA certificate from http://mitm.it to intercept HTTPS traffic.
- Certificate Pinning: Some apps use certificate pinning and cannot be intercepted.
- Performance: BetterMITM is designed for development and testing. For high-volume production use, consider performance tuning.
If you see Errno 10048 or port already in use:
- Stop any other instances of BetterMITM
- Or use a different port: `--mode regular@8082`
- Clear browser cache
- Check browser console for errors (F12)
- Ensure static assets are loading (check Network tab)
- Try incognito/private window
- Ensure uv is installed: `uv --version`
- Ensure Node.js 18+ is installed: `node --version`
- Try running `uv sync` and `npm install` manually
- Use Performance Profiling tab to identify bottlenecks
- Reduce number of active rules/scripts
- Limit flow history size
- Disable unnecessary features
BetterMITM is based on mitmproxy and follows the same MIT license. See the LICENSE file for details.
BetterMITM is a fork of mitmproxy, an excellent open-source HTTP proxy tool created by the mitmproxy team. We extend their great work with additional features and improvements.
Special thanks to:
- The mitmproxy team for the excellent base
- All contributors and the BetterMint community
- Everyone who reported bugs and suggested features
See CHANGELOG.md for a detailed list of changes and updates.
- ✅ All 31 features fully implemented
- ✅ Enhanced UI with improved layouts
- ✅ Fixed splitter dragging issue
- ✅ Improved scrollbar visibility
- ✅ Enhanced help documentation
- ✅ Better performance monitoring
- ✅ Improved timeline visualization
- ✅ Comprehensive security testing suite
Made with ❤️ by the BetterMint community