How to build a simple SSL mitm proxy

Awesome HowTo – though I use a raspi and mana.

1 Like

Awesome! The most important part of this article:

Burp is now ready to gather traffic on port 8080 and forward it to the Internet. However, the mobile device doesn’t know it should be sending traffic to the proxy server, so Burp won’t ever see it.

It is possible to configure the mobile device to use a proxy, but not all apps will respect that setting. Some apps will just send traffic past the proxy, defeating our goal of auditing the network traffic. A much better way to audit apps is to use the Mac firewall “pf” to send all traffic from the Bluetooth adapter through the proxy, so the mobile device won’t know it’s using a proxy.

So – i currently use a RaspPi that is setup to fake AP as well as sslstrip / stunnel / squid ( w/ a hack to log everything ) playing around with other projects…But i always come back to Burp…If it could just run headless and drop the logs somewhere else…id be all set. I use IPTables on the RaspPi to move everything from its default into the proxy –