![]() Scriptable in Python - you can build automation around HTTP Toolkit's internals using mockttp, but that's JS, and it's mostly usable standalone, rather than integrated into normal workflows. HTTP Toolkit could do that it in theory, but it doesn't right now, and it's not high on my todo list (contributions welcome though!) Mitmproxy has a few advantages of its own of course:ĬLI interface - some people strongly prefer this. built-in documentation for all standard HTTP headers, plus autoformatting, syntax highlighting, folding, regex searching etc for request & response bodies, plus 'this is how and why this response could be cached' caching explanations, plus OpenAPI-powered docs for specific endpoints on 1400+ APIs, etc. ![]() Lots more background information about the raw data you've intercepted: e.g. You can then build libraries of these rules, group & manage them, and export/import them (as JSON) to your colleagues. HTTP Toolkit lets you press 'new rule' -> 'GET requests' -> 'match regex ' -> 'then reply with ', and then immediately start injecting automated fake responses. mitmproxy requires uses a fiddly syntax of special characters to define matching & rewriting rules, or requires you to write a full python script. ![]() In some cases, that allows you to do things that'd be nearly impossible to do manually, like intercepting node.js-based tools and scripts (which don't normally use system proxy settings, for no good reason), intercepting individual chrome or terminal windows without intercepting your whole system, or system-level intercepting Android emulators started by Android Studio. That can be very complicated! HTTP Toolkit does a lot of work to closely integrate with lots of different targets to make that completely disappear. One-click setup: mitmproxy requires you to manually configure whichever client you want to use its proxy, and to trust its CA certificate for all HTTPS. HTTP Toolkit is trying to do a few major things on top that mitmproxy isn't though: The internals are effectively the same: under the hood we're both intercepting HTTP(S) proxies. Yep, but I'll try to keep it neutral! I have used mitmproxy a lot myself in the past, and it is a great tool. And yes I know the answer is obviously gonna be biased ^
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |