We have seen how mitmproxy works and learnt how to create inline scripts to extend the proxy and manipulate communication. We have learnt to add a vulnerability scanner function to the HTTP proxy to assist us during web application penetration tests.
We provided you with the basic knowledge and skills to help you in the future when creating your own custom tools. If you are starting your journey as a pentester, this will give you a solid foundation on which to build your custom tools for every situation, and will allow you to modify and extend existing tools.
Now that you know the basics, you can continue your journey, improving your skills and putting them into practice. In order to do so, I recommend the following resources:
- OWASP WebGoat (https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project). This is a training course provided on the form of a VM. This training...
