XDA Picks: Best Apps of the Week (June 27 – July 4)

Apps are at the front and center of any smartphone experience, and with over a … more

HTC One M9 Developer Edition Android 5.1 OTA

The Developer Edition of the HTC One M9 is receiving an over-the-air update to Android 5.1. … more

Index Project For XDA Device Subforums

Another ambitious project from the collaborative efforts of Recognized Contributors and Forum … more

The Atlas of XDA

A few weeks ago, we asked you “How Does Your Location Affect Your Life As A Power User?”. In the days that … more

[TOOL][HTTP/HTTPS analyzer]SandroProxy

227 posts
Thanks Meter: 70
By SandroBSupp, Senior Member on 27th June 2012, 11:35 PM
Post Reply Subscribe to Thread Email Thread

Proxy, http analyzer, mitm, transparent proxy


Why would you use it:
- behind corporate firewall/proxy, needing to connect to squid, isa/forefront proxy with authentication
- developer to examine http traffic, with embedded chrome devtools that can be used as ide
- security analyst examining how apps communicate with servers
- ...

- can act as pass-through proxy, traffic is not stored, ssl tunnel remains the same to server.
- capture,intercept request/response, replay, change before sending further
- can use client certificate to make connection to web server
- creates server certificates on the fly with proper host name
- transparent proxy needs superuser, su, iptables (1.4.10 or higher) to listens on port 80, 443
- request/response are stored as files so can be examined later on
- can bind only local or on all adapters
- client cache headers can be removed so content is always fetched from server (no 304 Not Modified responses)
- custom proxy plugins
- custom search criteria on show request/responses with scripting
- can connect to another proxy (Squid, ISA proxy, ForeFront TMG proxy) (basic, digest, ntlm authentication supported)
- can act as web server to filter/examine captured data
- can connect to insecure sites, switch on/off in preferences
- can use chrome devtools to examine captured data
- chorme devtools 3D panel
- websockets support

there are ads on log tab and google analytic events on switching tabs
sorry for that

custom proxy plugins:

manual requests:

Proxy acts as SSL man-in-the-middle. It generates sites certificates on the fly.
Issuer is named UNTRUSTED.
Based on WebScarab so all credits goes there.

Requests/Responses are stored in getExternalCacheDir()


There is no security enforced with these files. All applications can read and write files placed here.


Use stock browser and change that wi-fi uses proxy on localhost:8008

Copy from app thread, because it can also be used as development tool.
For example to store application/server http/https comunication.

Last edited by SandroBSupp; 25th May 2013 at 09:31 AM. Reason: added link to wiki how to connect to other proxy
The Following 14 Users Say Thank You to SandroBSupp For This Useful Post: [ View ]
27th June 2012, 11:54 PM |#2  
Account currently disabled
Thanks Meter: 270
This is sweet, good job!
The Following User Says Thank You to john9 For This Useful Post: [ View ]
28th June 2012, 04:20 PM |#3  
Junior Member
Flag East Java
Thanks Meter: 5
wow.. this is what I'm looking for...! thanks, downloading it.

is it tracking request from internet browser only or any request from every app and any protocol maybe? in spite of the title HTTP/HTTPS analyzer
28th June 2012, 08:02 PM |#4  
SandroBSupp's Avatar
OP Senior Member
Thanks Meter: 70
Just for http/https.

It can act as
proxy -> you must specify proxy in browser settings
transparent proxy -> you must somehow change where tcp packets are going (iptables)

Now I am working on tab where redirection on phone can be done from gui for all processes that have network permissions.
It creates iptable rules as:
iptables -t nat -A OUTPUT -m owner --uid-owner <xxxxx> -p tcp --dport 80 -j DNAT --to

But still long way to make it work properly...

28th June 2012, 08:08 PM |#5  
SandroBSupp's Avatar
OP Senior Member
Thanks Meter: 70
It can track any app that uses http/https.
Not quite sure about ports. Probably just 80/433 but I could change that can be value in preferences.
30th June 2012, 10:42 AM |#6  
SandroBSupp's Avatar
OP Senior Member
Thanks Meter: 70
New feature: gui for process->trasparent proxy redirection
It activated additional iptables rules so the process is redirected to transparent proxy.

iptables -t nat -A OUTPUT -m owner --uid-owner <xxxxx> -p tcp --dport 80 -j DNAT --to

4th July 2012, 07:35 PM |#7  
SandroBSupp's Avatar
OP Senior Member
Thanks Meter: 70
new feature: browser cache on/off
There is setting that removes browser cache headers.

9th July 2012, 11:57 AM |#8  
Senior Member
Thanks Meter: 50
dumb question: would your app help to make gTalk work on corporate networks protected by Forefront ?

Many thanks
9th July 2012, 05:46 PM |#9  
SandroBSupp's Avatar
OP Senior Member
Thanks Meter: 70
Sorry, not yet.
Probably you need NTLM authentication to proxy?
Chaining Sandroproxy to ntlm proxy is on the list of future features.
10th July 2012, 11:31 AM |#10  
Senior Member
Flag Thessaloniki
Thanks Meter: 209
I can't find it on the Market/Play crap.
Device: GT-i9100 on 4.0.3 rooted. Country: Greece
Current Operator:Vodafone GR, tried also with GR COSMOTE. Any ideas?
Post Reply Subscribe to Thread

http, mitm, pac, proxy, ssl
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes