Inspect TLS encrypted traffic using mitmproxy and Wireshark
The article details inspecting TLS traffic with mitmproxy and Wireshark, highlighting challenges and setup steps. It explains using wireguard-tools for connection and decrypting traffic for real-time validation. The author encourages community engagement.
The article discusses how to inspect TLS-encrypted traffic using mitmproxy and Wireshark. The author needed to inspect traffic flowing out of an application and found the available documentation limited. The guide walks through setting up a container with systemd-nspawn, running mitmproxy for man-in-the-middle interception, and using Wireshark to decrypt the traffic. wireguard-tools establishes the connection between the container and mitmproxy, which acts as a transparent proxy that intercepts and decrypts the TLS traffic for live inspection. With Wireshark configured to decrypt the traffic based on the SSLKEYLOGFILE, the author successfully inspects traffic and validates code changes in real time. Despite the complexity of the setup, the author hopes the information will be useful for others attempting to inspect TLS-encrypted traffic. The article concludes with an invitation to engage with the Koyeb Community and explore the log exporter functionality on the platform.
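When Wireshark shows only encrypted records in a setup like the one summarized above, the key log file is the first thing to check. The following is an added example, not code from the original article: it audits a file in the NSS key log format written via SSLKEYLOGFILE and reports which sessions have a complete set of secrets. The function name, status strings and sample values are constructed for illustration.

```python
import re
from collections import defaultdict

# Labels of the NSS key log format that Wireshark reads (TLS 1.2, then TLS 1.3).
TLS12 = "CLIENT_RANDOM"
TLS13_NEEDED = {"CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
                "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0"}
TLS13_EXTRA = {"EXPORTER_SECRET", "CLIENT_EARLY_TRAFFIC_SECRET", "EARLY_EXPORTER_SECRET"}
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]+) ([0-9a-fA-F]+)$")

def audit_keylog(text):
    """Return (sessions, problems); sessions maps client random -> status."""
    seen, problems = defaultdict(set), []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):      # blank lines and comments are legal
            continue
        m = LINE.match(line)
        if not m:
            problems.append((n, "malformed line"))
            continue
        label, rnd, secret = m.groups()
        if label != TLS12 and label not in TLS13_NEEDED | TLS13_EXTRA:
            problems.append((n, "unknown label " + label))
        elif len(rnd) != 64:                      # client random is 32 bytes
            problems.append((n, "bad client random length"))
        elif label == TLS12 and len(secret) != 96:    # master secret is 48 bytes
            problems.append((n, "bad master secret length"))
        elif label != TLS12 and len(secret) not in (64, 96):  # SHA-256 / SHA-384
            problems.append((n, "bad TLS 1.3 secret length"))
        else:
            seen[rnd.lower()].add(label)
    sessions = {}
    for rnd, labels in seen.items():
        missing = sorted(TLS13_NEEDED - labels)
        if TLS12 in labels:
            sessions[rnd] = "tls1.2 complete"
        elif not missing:
            sessions[rnd] = "tls1.3 complete"
        else:
            sessions[rnd] = "tls1.3 incomplete, missing " + ", ".join(missing)
    return sessions, problems

if __name__ == "__main__":
    # Constructed sample: one TLS 1.2 session and one truncated line.
    sample = ("CLIENT_RANDOM " + "aa" * 32 + " " + "bb" * 48 + "\n"
              "CLIENT_RANDOM " + "cc" * 32 + " dead\n")
    print(audit_keylog(sample))
```

A session reported as incomplete usually means the key log was read while the handshake was still in progress, or the file was truncated; a complete entry still decrypts only if the capture includes that session's handshake.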
Related
The FreeBSD-native-ish home lab and network
The author details a complex home lab setup with a FreeBSD server on a laptop, utilizing Jails for services like WordPress and emphasizing security measures and network configurations for efficiency and functionality.
Protecting sshd using spiped (2012)
The article highlights spiped as a secure pipe daemon to protect sshd, offering a simpler alternative to 'ssh -L' by establishing a pre-shared secret key between hosts. Spiped enhances server security efficiently.