MITM debugging proxy with a web GUI to view and modify all of the HTTP and HTTPS (SSL) traffic between your machine and the Internet. It is an open-source alternative to the popular Charles and Fiddler developer tools.
Mac: allproxy.dmg
RedHat: allproxy.rpm
Ubuntu: allproxy.deb
Windows: Setup.exe
Other install options:
- Install NPM package: npm install -g allproxy
- Clone repo and run: npm install && npm run build && npm start
- Clone repo and run headless: npm install && npm run build && npm run headless
- http://localhost:8888/allproxy in browser
- Docker container:
- docker build -t allproxy .
- docker run --name allproxy -i -t -v ~/.allproxy:/root/.allproxy —expose 8888 -p 9999:8888 allproxy
- http://localhost:8888/allproxy in browser
Capture Browser and Terminal Network Traffic
Launch your favorite browser or terminal from the Welcome modal, and capture all HTTP and HTTPS traffic.
Modify and Resend Captured HTTP Requests
1. Select a request, and click the green menu button.
2. Then, select the Resend Request option to open Resend Modal.
3. Modify the request, and click the Send button to resend the request.
Intercept and Modify HTTP Response
1. Click the Settings icon in the upper right corner, and select Breakpoints.
2. Click the Add Breakpoint button, and enter a string that matches any part of the request (e.g., URL) or response you wish to intercept.
3. When a matching request/response is detected, a Breakpoint modal pops up. You can modify the HTTP response body and click Ok.
Take Snapshots
To take a snapshot of all the captured network traffic: 1. Click the Camera icon, enter a snapshot name, and click Create.
2. In this example a new tab is created called "My Snapshot". Click the new tab to view the snapshot.
Export and Import Shapshots
To export a snapshot to a file:1. Click the More menu, and select Export Snapshot.
2. Enter a snapshot name, and click Export.
To import a snapshot:
1. Click the More menu, and select Import Snapshot.
2. Select a snapshot file from the file manager, and click Open. A new tab is created from the imported snapshot.
View JSON Log File
1. From the Welcome modal, click the View JSON Log File button.
2. Optionally, enter one or more comma separated primary JSON field names, and then click the Select JSON File button.
3. Select a JSON log file from the file manager. The JSON log can now be viewed by the AllProxy application:
Dark Mode
Click the Settings icon in the upper right corner, and select the Appearance option.
Capture MySQL, gRPC, MongoDB, Redis, Memcached, TCP, and log messages.
AllProxy Application
Version 12 or higher is required. Use nvm to install the appropriate node version.
The AllProxy may be installed from Releases, NPM, or cloning the repo.
$ cd ~/git/allproxy
$ allproxy$ npm install
$ npm run buildRun Headless
$ npm run start-headlesshttp://localhost:8888/allproxy in browser.
Launch Electron Application
$ npm start$ npm install -g allproxy
$ npm run build
$ allproxy # start AllProxy applicationAfter starting AllProxy, run ~/.allproxy/bin/trustCert.sh enable from your terminal to install and trust the CA certificate.
The ca.pem location:
- ~/.allproxy/ca.pem
Some browsers (e.g., Firefox) do not use the system certificate store, and will require the certificate to be imported in to the browser CA certificate store.
The AllProxy application may also be opened in your browser:
- http://localhost:8888/allproxy in browser.
Run ~/.allproxy/bin/systemProxy.sh enable from your terminal to configure the system proxy.
Some browser (e.g., Firefox) do not use the system proxy settings, and you will not to configure the browser proxy settings to:
- host: localhost
- port: 8888
To capture http/https messages initiated by terminal commands, set the HTTPS_PROXY and HTTP_PROXY environment variables.
$ export HTTPS_PROXY=localhost:8888
$ export HTTP_PROXY=localhost:8888To prevent hosts from being proxied to AllProxy, use the NO_PROXY environment variable:
$ export NO_PROXY=domain1,domain2,...To capture HTTP and HTTPS messages, configure your browser to proxy HTTP/HTTPS messages to the AllProxy. The default is to proxy both HTTP and HTTPS messages to port 8888. This is how Firefox can be configured to proxy HTTP and HTTPS messages.
For chrome and chromium you can set the browser proxy using environment variables http_proxy and https_proxy.
$ HTTP_PROXY=http://localhost:8888 HTTPS_PROXY://8888 chromium-browser
This section gives example on how to configure the AllProxy. Clicking the settings icon in the upper right corner opens the Setting modal.
Both a forward and reverse proxy is supported for HTTP/HTTPS messages. Your browser must be configured to proxy HTTP/HTTPS messages to the forward proxy. See Configure Browser Proxy for more information on configuring your browser.
The reverse proxy can be used to transparently capture HTTP/HTTPS messages sent by backend services. The backend service is configured to send the HTTP/HTTPS messages to the AllProxy. For example, a -search- microservice could be configured to send Elasticsearch messages to the AllProxy by setting environment variables.
Example -search- microservice configuration:
ELASTIC_HOST=elasticsearch
ELASTIC_PORT=9200Modified -search- micorservice configuration:
ELASTIC_HOST=allproxy # allproxy is the docker container host name
ELASTIC_PORT=8888 # allproxy HTTP port is 8888.An HTTP path is added to proxy HTTP requests to the elasticsearch host. All HTTP requests matching path /_search are proxied to the elasticsearch host on port 9200.
The SQL proxy can transparently capture SQL messages sent by backend microservices to a MySQL server.
Example microservice config file:
MYSQL_HOST=mysql
MYSQL_PORT=3306Modified microservice config file:
MYSQL_HOST=allproxy # Proxy queries to the AllProxy
MYSQL_PORT=3306The AllProxy is configured to proxy MySQL requests to the MySQL server:
The gRPC proxy can transparently capture gRPC HTTP/2 messages sent to backend microservices. Only unsecure connections are supported. Secure TLS support may be added in the future.
Example gRPC microservice config file:
GRPC_HOST=grpchost # gRPC host name
GRPC_PORT=12345 # gRPC port numberModified gRPC microservice config file:
GRPC_HOST=allproxy # Proxy gRPC requests to the AllProxy
GRPC_PORT=12345Proto files can be added to the proto/ directory so that the AllProxy tool can decode the binary data, and make it readable. AllProxy currently only supports GRPC URLs of the form //. (e.g., /mypackage/mMService/MyFunc).
The AllProxy is configured to proxy gRPC requests to a microservice:
The MongoDB proxy can transparently capture MongoDB messages sent by backend microservices.
Example MongoDB microservice config file:
MONGO_HOST=mongodb # MongoDB host name
MONGO_PORT=27017 # MongoDB port numberModified MongoDB microservice config file:
MONGO_HOST=allproxy # Proxy MongoDB requests to the AllProxy
MONGO_PORT=27017The AllProxy is configured to proxy MongoDB requests to a microservice:
The Redis proxy can transparently capture Redis messages sent by backend microservices.
Example Redis microservice config file:
REDIS_HOST=redis # Redis host name
REDIS_PORT=6379 # Redis port numberModified Redis microservice config file:
REDIS_HOST=allproxy # Proxy Redis requests to the AllProxy
REDIS_PORT=6379The AllProxy is configured to proxy Redis requests to a microservice:
The TCP proxy can transparently capture TCP request/response messages sent by backend microservices. For example, the TCP proxy can be used to capture memcached messages.
Example Memcached microservice config file:
MEMCACHED_HOST=memcached # Memcached host name
MEMCACHED_PORT=11211 # Memcached port numberModified Memcached microservice config file:
MEMCACHED_HOST=allproxy # Proxy Memcached requests to the AllProxy
MEMCACHED_PORT=11211The AllProxy is configured to proxy Memcached requests to a microservice:
AllProxy can capture log messages with the tail, docker, or kubectl command. The -f option is used to capture log messages, and view them in the AllProxy application.
The AllProxy application can be opened from the browser with URL http://localhost:8888/allproxy.
The recording of messages can be temporarily stopped, to allow time to examine the messages without the log wrapping.
Filtering allows you to find messages matching a search filter, and hide other messages. The entire message is search for a match. The filter may be case insensitive, case sensitive, a logical expression, or a regular expression.
Types of filters:
- case insensitive - If Aa is not selected, a case insensitive search is performed.
- case ensensitive - If Aa is selected, a case sensitive search is performed.
- logical expression - If && is selected, &&, ||, (), and ! operators may be used to build a logical expression.
- regular expression - If .* is selected, regular expression match in performed.
Boolean filters can use &&, ||, !, and parenthesis.
To resend an HTTP or HTTPS request, click on the icon next to the request to open a modal. Optionally modify the request body, and then click the send button. If recording is not paused, the resent request should appear at the bottom of the request panel.
Breakpoints can be set to match any part of the HTTP request or response, and then modify the JSON response then the breakpoint matches.
Click Settings->Breakpoints: 
In this example a breakpoint is set to match on URL https://us-south-stage01.iaasdev.cloud.ibm.com/v1/vpcs.
When a request URL matches https://us-south-stage01.iaasdev.cloud.ibm.com/v1/vpcs, a model pops up to allow the JSON response body to be edited. The response JSON body can be edited, and Ok clicked to forward the response back to the client.
Custom JavaScript code may be provided to modify any JSON response. Add your custom code to the InterceptJsonResponse() function is called for every JSON response, and can be modified to customize the JSON response body. Edit the **intercept/InterceptResponse.js file as needed.
$ vi intercept/InterceptResponse.jsExample:
module.exports = function InterceptJsonResponse(clientReq, json) {
const reqUrl = url.parse(clientReq.url);
const path = reqUrl.pathname;
const query = reqUrl.query;
/**
* Add your code here to modify the JSON response body
*/
if (path === '/aaa/bbb') {
json.addMyField = 1;
return json; // return modified JSON response body
}
return null; // do not modify JSON response body
}Clicking on the camera icon will take a snapshot of the currently captured messages, and create a new snapshot tab. A snapshot tab may be exported to a file, and later imported again.
Multiple Application instances can be opened in separate browser tabs, and all of the open Applications will record messages.
Each Application instance keeps its own copy of the messages, so clearing or stopping recording in one Application instance, does not affect another other Application instances.
Generated certificates are stored in .allproxy/.http-mitm-proxy/certs/. Import allproxy/ca.pem to your browser to trust all AllProxy generated certificates.
- HTTP proxy - The http package is used to proxy HTTP traffic as either a forward or reverse proxy.
- TCP proxy - The net package is used to listen on a TCP port for non-HTTP messages, and proxy the protocol messages to the target host.
- Socket.IO - The node socket.io package is used to pass messages between the server and browser where they are recorded and displayed in a application.
- stdout/stderr - Spawn a child process to read stdout and stderr from any docker log or log file, and display the log messages in the application.
- When running from a GitHub package, config.json file is stored in the root directory of your GitHub project.
- When running from an NPM package (allproxy script), the config.json file is stored your home directory at $HOME/.allproxy/config.json.
Usage: allproxy [--listen [host:]port] [--listenHttps [host:]port]
Options:
--listen - listen for incoming http connections. Default is 8888.
--listenHttps - listen for incoming https connections.
Example: allproxy --listen 8888- Only HTTP/2 reverse proxy is supported. HTTP/2 forward proxy is not supported.
This code is licensed under the MIT License.