diff --git a/README.md b/README.md index 72fbef0..f2f3c99 100644 --- a/README.md +++ b/README.md @@ -1,47 +1,51 @@ # go-mitmproxy -[简体中文](./README_CN.md) +[English](./README.md) -[Mitmproxy](https://mitmproxy.org/) implemented with golang. Intercept HTTP & HTTPS requests and responses and modify them. +Golang 版本的 [mitmproxy](https://mitmproxy.org/)。 -## Features +用 Golang 实现的中间人攻击([Man-in-the-middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)),解析、监测、篡改 HTTP/HTTPS 流量。 -- Intercept HTTP & HTTPS requests and responses and modify them on the fly -- SSL/TLS certificates for interception are generated on the fly -- Certificates logic compatible with [mitmproxy](https://mitmproxy.org/), saved at `~/.mitmproxy`. If you used mitmproxy before and installed certificates, then you can use this go-mitmproxy directly -- Addon mechanism, you can add your functions easily, refer to [addon/addon.go](./addon/addon.go) -- Performance advantages - - Golang's inherent performance advantages - - Forwarding and parsing HTTPS traffic in process memory without inter-process communication such as tcp port or unix socket - - Use LRU cache when generating certificates of different domain names to avoid double counting -- Support `Wireshark` to analyze traffic through the environment variable `SSLKEYLOGFILE` -- Support streaming when uploading/downloading large files -- Web interface +## 特点 -## Install +- HTTPS 证书相关逻辑参考 [mitmproxy](https://mitmproxy.org/) 且与之兼容,根证书也保存在 `~/.mitmproxy` 文件夹中,如果之前用过 `mitmproxy` 且根证书已经安装信任,则此 `go-mitmproxy` 可以直接使用 +- 支持插件机制,很方便扩展自己需要的功能,可参考 [examples](./examples) +- 性能优势 + - Golang 天生的性能优势 + - 在进程内存中转发解析 HTTPS 流量,不需通过 tcp 端口 或 unix socket 等进程间通信 + - 生成不同域名证书时使用 LRU 缓存,避免重复计算 +- 通过环境变量 `SSLKEYLOGFILE` 支持 `Wireshark` 解析分析流量 +- 上传/下载大文件时支持流式传输 +- Web 界面 + +## 安装 ``` go install github.com/lqqyt2423/go-mitmproxy/cmd/go-mitmproxy@latest ``` -## Usage +## 命令行使用 -### Startup +### 启动 ``` go-mitmproxy ``` -After startup, the HTTP proxy address defaults to port 9080, and the web interface defaults to port 9081. +启动后,HTTP 代理地址默认为 9080 端口,Web 界面默认在 9081 端口。 -After the first startup, the SSL/TLS certificate will be automatically generated at `~/.mitmproxy/mitmproxy-ca-cert.pem`. You can refer to this link to install: [About Certificates](https://docs.mitmproxy.org/stable/concepts-certificates/). +首次启动后需按照证书以解析 HTTPS 流量,证书会在首次启动命令后自动生成,路径为 `~/.mitmproxy/mitmproxy-ca-cert.pem`。可参考此链接安装:[About Certificates](https://docs.mitmproxy.org/stable/concepts-certificates/)。 -### Help +### 启动参数 ``` Usage of go-mitmproxy: -addr string proxy listen addr (default ":9080") + -cert_path string + path of generate cert files + -debug int + debug mode: 1 - print debug log, 2 - show debug from -dump string dump filename -dump_level int @@ -54,17 +58,15 @@ Usage of go-mitmproxy: show version -web_addr string web interface listen addr (default ":9081") - -cert_path string - path of generate cert files ``` -## Usage as package +## 作为包引入 -Refer to [cmd/go-mitmproxy/main.go](./cmd/go-mitmproxy/main.go), you can add your own addon by call `AddAddon` method. +参考 [cmd/go-mitmproxy/main.go](./cmd/go-mitmproxy/main.go),可通过自己实现 `AddAddon` 方法添加自己实现的插件。 -For more examples, please refer to [examples](./examples) +更多示例可参考 [examples](./examples) -## Web interface +## Web 界面 ![](./assets/web-1.png) @@ -74,8 +76,8 @@ For more examples, please refer to [examples](./examples) ## TODO -- [ ] Support http2 -- [ ] Support parse websocket +- [ ] 支持 http2 协议 +- [ ] 支持解析 websocket ## License diff --git a/README_CN.md b/README_CN.md deleted file mode 100644 index 6cf151d..0000000 --- a/README_CN.md +++ /dev/null @@ -1,82 +0,0 @@ -# go-mitmproxy - -[English](./README.md) - -Golang 版本的 [mitmproxy](https://mitmproxy.org/)。 - -用 Golang 实现的中间人攻击([Man-in-the-middle](https://en.wikipedia.org/wiki/Man-in-the-middle_attack)),解析、监测、篡改 HTTP/HTTPS 流量。 - -## 特点 - -- HTTPS 证书相关逻辑参考 [mitmproxy](https://mitmproxy.org/) 且与之兼容,根证书也保存在 `~/.mitmproxy` 文件夹中,如果之前用过 `mitmproxy` 且根证书已经安装信任,则此 `go-mitmproxy` 可以直接使用 -- 支持插件机制,很方便扩展自己需要的功能,可参考 [addon/addon.go](./addon/addon.go) -- 性能优势 - - Golang 天生的性能优势 - - 在进程内存中转发解析 HTTPS 流量,不需通过 tcp 端口 或 unix socket 等进程间通信 - - 生成不同域名证书时使用 LRU 缓存,避免重复计算 -- 通过环境变量 `SSLKEYLOGFILE` 支持 `Wireshark` 解析分析流量 -- 上传/下载大文件时支持流式传输 -- Web 界面 - -## 安装 - -``` -go install github.com/lqqyt2423/go-mitmproxy/cmd/go-mitmproxy@latest -``` - -## 命令行使用 - -### 启动 - -``` -go-mitmproxy -``` - -启动后,HTTP 代理地址默认为 9080 端口,Web 界面默认在 9081 端口。 - -首次启动后需按照证书以解析 HTTPS 流量,证书会在首次启动命令后自动生成,路径为 `~/.mitmproxy/mitmproxy-ca-cert.pem`。可参考此链接安装:[About Certificates](https://docs.mitmproxy.org/stable/concepts-certificates/)。 - -### 自定义参数 - -``` -Usage of go-mitmproxy: - -addr string - proxy listen addr (default ":9080") - -dump string - dump filename - -dump_level int - dump level: 0 - header, 1 - header + body - -mapper_dir string - mapper files dirpath - -ssl_insecure - not verify upstream server SSL/TLS certificates. - -version - show version - -web_addr string - web interface listen addr (default ":9081") - -cert_path string - path of generate cert files -``` - -## 作为包引入 - -参考 [cmd/go-mitmproxy/main.go](./cmd/go-mitmproxy/main.go),可通过自己实现 `AddAddon` 方法添加自己实现的插件。 - -更多示例可参考 [examples](./examples) - -## Web 界面 - -![](./assets/web-1.png) - -![](./assets/web-2.png) - -![](./assets/web-3.png) - -## TODO - -- [ ] 支持 http2 协议 -- [ ] 支持解析 websocket - -## License - -[MIT License](./LICENSE) diff --git a/README_EN.md b/README_EN.md new file mode 100644 index 0000000..f128e70 --- /dev/null +++ b/README_EN.md @@ -0,0 +1,84 @@ +# go-mitmproxy + +[简体中文](./README_CN.md) + +[Mitmproxy](https://mitmproxy.org/) implemented with golang. Intercept HTTP & HTTPS requests and responses and modify them. + +## Features + +- Intercept HTTP & HTTPS requests and responses and modify them on the fly +- SSL/TLS certificates for interception are generated on the fly +- Certificates logic compatible with [mitmproxy](https://mitmproxy.org/), saved at `~/.mitmproxy`. If you used mitmproxy before and installed certificates, then you can use this go-mitmproxy directly +- Addon mechanism, you can add your functions easily, refer to [examples](./examples) +- Performance advantages + - Golang's inherent performance advantages + - Forwarding and parsing HTTPS traffic in process memory without inter-process communication such as tcp port or unix socket + - Use LRU cache when generating certificates of different domain names to avoid double counting +- Support `Wireshark` to analyze traffic through the environment variable `SSLKEYLOGFILE` +- Support streaming when uploading/downloading large files +- Web interface + +## Install + +``` +go install github.com/lqqyt2423/go-mitmproxy/cmd/go-mitmproxy@latest +``` + +## Usage + +### Startup + +``` +go-mitmproxy +``` + +After startup, the HTTP proxy address defaults to port 9080, and the web interface defaults to port 9081. + +After the first startup, the SSL/TLS certificate will be automatically generated at `~/.mitmproxy/mitmproxy-ca-cert.pem`. You can refer to this link to install: [About Certificates](https://docs.mitmproxy.org/stable/concepts-certificates/). + +### Help + +``` +Usage of go-mitmproxy: + -addr string + proxy listen addr (default ":9080") + -cert_path string + path of generate cert files + -debug int + debug mode: 1 - print debug log, 2 - show debug from + -dump string + dump filename + -dump_level int + dump level: 0 - header, 1 - header + body + -mapper_dir string + mapper files dirpath + -ssl_insecure + not verify upstream server SSL/TLS certificates. + -version + show version + -web_addr string + web interface listen addr (default ":9081") +``` + +## Usage as package + +Refer to [cmd/go-mitmproxy/main.go](./cmd/go-mitmproxy/main.go), you can add your own addon by call `AddAddon` method. + +For more examples, please refer to [examples](./examples) + +## Web interface + +![](./assets/web-1.png) + +![](./assets/web-2.png) + +![](./assets/web-3.png) + +## TODO + +- [ ] Support http2 +- [ ] Support parse websocket + +## License + +[MIT License](./LICENSE)