Capturing https traffic on a headless server

April 23, 2019

Recently I needed to view the full HTTP GET and POST methods for a python application hosted on a headless server. I ended up using a tool call mitmproxy. This post will cover getting mitmproxy set up on a linux server and viewing the HTTP GET/POST requests on your local machine via a web interface.


You will need Python 3.6 and screen

yum install -y
yum update
yum install -y python36u python36u-libs python36u-devel python36u-pip screen


You will need to install mitmproxy

python36 -m ensurepip --default-pip
python36 -m pip install mitmproxy

Running mitmproxy

I recommend running mitmproxy in a screen session so that when you logoff it is still running

Start screen session

screen -S mitm

Start mitmproxy web

Stary mitmproxy by running mitmweb. By Default this will listen on



Web server listening at
No web browser found. Please open a browser and point it to
Proxy server listening at http://*:8080 clientconnect clientdisconnect clientconnect

Detach Screen

Now that you have mitmproxy running, you should detach the screen with the following key combination:



[detached from 28475.mitm]

Reattaching screen

Determine which screen mitm is on:

screen -list

Reattach the screen

screen -r 28475.mitm

Modifying your ssh config to tunnel traffic

Edit file ~/.ssh/config

Host foo # this is the "friendly" name of your server
    # ssh user
    User foo 

    # IP address of server

    # prevent terminal messages about socket connection errors
    LogLevel QUIET

    # forward remote socket (remote machine)
    # to local socket (your machine)
    LocalForward 40081 localhost:8081

    # key file used to ssh to server
    IdentityFile ~/.ssh/bar.pem 

SSH to server

Now you can run the following command to ssh to the friendly name of your server

ssh foo

Configure Server to use Proxy

Refer to your O/S specific documentation here. You should set applications or the O/S to use

View mitmproxy website

This will allow you to see the captured traffic. Using a web browser open up “”