Hack on Mitmproxy

DegreeBachelor / Master
StatusAvailable
Supervisor(s)Maximilian Hils, MSc

Description

mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify and replay web traffic such as HTTP/1, HTTP/2, WebSockets, or any other SSL/TLS-protected protocols. You can prettify and decode a variety of message types ranging from HTML to Protobuf, intercept specific messages on-the-fly, modify them before they reach their destination, and replay them to a client or server later on.

If you would like to have a thesis project with a significant software development part, we offer you the opportunity to work with us on mitmproxy, make a significant contribution to the project, and then write up a summary and – depending on what you have built – an evaluation of your work. mitmproxy is a large project with a huge number of interesting areas to explore, down from low-level protocol work (in Python) to a modern web interface (React/TypeScript). Our Google Summer of Code ideas list may give you some ideas. No matter which part of mitmproxy you are working on, you’ll learn how to contribute to a popular open source project and your code will ship to hundreds of thousands of users.

If this sounds interesting to you, please familiarize yourself with the project, think of a feature you would like to work on, and then reach out by email and describe your proposal in a few sentences.

References

  • Cortesi, A., Hils, M., Kriechbaumer, T., and contributors. mitmproxy: A free and open source interactive HTTPS proxy. https://mitmproxy.org/.