Thank you for sharing, weVeg. In these days I was searching for a proxy for performing a mitm...and I used a pretty simple "bash proxy" as
$ nc -l 80 | nc www.google.com
Yah, it worked fine...but I was still missing features as on the fly editing...and ssl. I just didn't know of existence of programs like this....I'm here to learn;)
Thank you
joker__
Hi joker! on bbox we already have this kind of tool, but i've found mitmproxy very useful as well as simply to use!!!
Which tools, eg?

if you try it would be useful some feedback!
Bye!!!!
[maybe OT, @ZEROF. If so, I may create a new topic for my question in the forum.]
Hi weVeg. I spent a bit of time on mitmproxy today. It is pretty intuitive, and very useful.
Actually I was meant to perform an "elegant" dns spoof. Maybe you can tell me how to do it using the application you suggested:
what i'm doing (working)With ettercap I start a session using dns_spoof plugin, spoofing e.g.
www.google.it [nofollow] to a local ip (let's say attacker: 192.168.1.5).
In this way anyone in the LAN who makes requests to google, it actually make requests to my ip.
Now I start a simple proxy that replies to the client (victim) connected, as google would:
$ mkfifo backpipe
# nc -l 80 0<backpipe | nc www.google.com 80 1>backpipe
Finally I may sniff all the data, through wireshark or so on...
This attack works pretty well: the victim doesn't realize he's being attacked.
what i'd like to doThe fatal problem is: what about https?
I belived that a software as the one you suggested may do this job for me.
I actually tried, but I didn't manage to.
How would you do it? Let's say: all the trafic to a server (google.com), as my previous example, is being redirected to your pc. How do you make mitmproxy replying all the client requests to google.com, also with https support?