When I am pentesting an API, sometimes there are timed requests/responses. What I mean is that if I have proxy enabled, the server or app is expecting a response within a few seconds, and this is not enough time for me to edit the request or response body when I am intercepting the traffic. This occurs for example with a “heartbeat” request. It expects a heartbeat every 10 seconds and when it doesn’t hear back due to my proxy, it detects something is wrong.
How can I manipulate these types of requests without alerting the system that there is a proxy?