![]()
The only 'backend' the exists is a tiny user auth & subscription service (also open source) and a dumb web server that just hosts static web content, and you can drop both if you build & run it locally. I see what you're saying, but this isn't 'open core', and it isn't a software-as-a-service that I can turn off: it's a 100% open-source & locally run desktop app. Otherwise, you'll be pressed into submitting your soul/house/firstborn to the authors of the next 500 line bash script :D Or spend some time to write couple small golang http/proxy wrappers / set up Openresty one time and don't waste time on "open your wallet kindly sir source". They may not have this polish, but they are more than enough to mock and transform requests. To anyone considering using this: there's fiddler, mitmproxy and couple others. HTTP TOOLKIT GITHUB INSTALLHow about being forced to use "free" linux distro when you'll need to buy the right to install more than 50 packages? Or "free" terminal where you'll need to sign NDA to use ncurses apps? Disgusting. One day I'll just buy the oldest example of these - yeah like some SoapUI from 2006, that was entirely workable IIRC - to stop ever losing time on checking how this new piece is going to try extorting some money and would set myself on forking and restoring all functionality possible. Traefik can be hacked fast to have 300% of this, but then again its too much expecting for you to have some stupid k8s mindset to start with). resulting in having to pay or having to install a clusterload of k8s to get a single function running. Oh yeah, we sure need another of these vendor lock-ins claiming themselves to be "free" and "open", like having Wiremock/Mocklab, Tyk, hell even Kraken (this one doesn't support websocket unless paid) was not enough. HTTP TOOLKIT GITHUB PROIf you really like CLI tools, or you want to do some Python-scripted HTTP rewriting, or you need websocket debugging, mitmproxy might be better.Īll contributors get free HTTP Toolkit Pro Overall, I think if you want to immediately start intercepting and interacting with traffic (especially on Android) HTTP Toolkit is the best choice. WebSockets get passed through fine, but they don't appear in the UI, and you can't set up mock rules for them. WebSocket debugging - this is coming for HTTP Toolkit very soon, but it's not available today. If you want complex scripted rules, mitmproxy has a few more options right now, and lets you do things in python instead of JS, which some people will prefer. Scriptable in Python - you can build automation around HTTP Toolkit's internals using mockttp, but that's JS, and it's mostly usable standalone, rather than integrated into normal workflows. HTTP Toolkit could do that it in theory, but it doesn't right now, and it's not high on my todo list (contributions welcome though!) Mitmproxy has a few advantages of its own of course:ĬLI interface - some people strongly prefer this. HTTP TOOLKIT GITHUB PLUSbuilt-in documentation for all standard HTTP headers, plus autoformatting, syntax highlighting, folding, regex searching etc for request & response bodies, plus 'this is how and why this response could be cached' caching explanations, plus OpenAPI-powered docs for specific endpoints on 1400+ APIs, etc. Lots more background information about the raw data you've intercepted: e.g. You can then build libraries of these rules, group & manage them, and export/import them (as JSON) to your colleagues. HTTP Toolkit lets you press 'new rule' -> 'GET requests' -> 'match regex ' -> 'then reply with ', and then immediately start injecting automated fake responses. HTTP TOOLKIT GITHUB FULLmitmproxy requires uses a fiddly syntax of special characters to define matching & rewriting rules, or requires you to write a full python script. HTTP TOOLKIT GITHUB ANDROIDIn some cases, that allows you to do things that'd be nearly impossible to do manually, like intercepting node.js-based tools and scripts (which don't normally use system proxy settings, for no good reason), intercepting individual chrome or terminal windows without intercepting your whole system, or system-level intercepting Android emulators started by Android Studio. That can be very complicated! HTTP Toolkit does a lot of work to closely integrate with lots of different targets to make that completely disappear. One-click setup: mitmproxy requires you to manually configure whichever client you want to use its proxy, and to trust its CA certificate for all HTTPS. HTTP Toolkit is trying to do a few major things on top that mitmproxy isn't though: The internals are effectively the same: under the hood we're both intercepting HTTP(S) proxies. Yep, but I'll try to keep it neutral! I have used mitmproxy a lot myself in the past, and it is a great tool. And yes I know the answer is obviously gonna be biased ^ ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |