A powerful desktop application for capturing, analyzing, and modifying web content in real-time. Built with PyQt6 and an integrated mitmproxy server for comprehensive web traffic interception and modification.
- ๐ Full Web Browser: Chromium-based browser with complete SSL/TLS interception
- ๐ก Traffic Capture: Intercepts and saves all HTTP/HTTPS requests and responses
- ๐ Real-time Content Replacement: Modify web content on-the-fly using regex patterns
- ๐ Organized Storage: Automatic content organization with detailed metadata
- ๐ Self-Contained: No system modifications or admin privileges required
- ๐จ Intuitive UI: Tabbed interface for browsing, capture logs, and rule management
pip install PyQt6 PyQt6-WebEngine mitmproxy fastapi uvicorn requests osbot-utilscd osbot_pyqt6
python3 ./main_app.pyThe application will start with:
- Integrated mitmproxy on port 8080
- FastAPI backend on port 8000
- Browser with automatic proxy configuration
Web browser showing real-time content modification - notice how "Dinis" is replaced with "MODIFIED" throughout the page
BBC Sports page with injected warning banner demonstrating content modification capabilities
Configuration interface showing active replacement rules and statistics
- Local mitmproxy server running within the Python application
- SSL/TLS interception with automatic certificate handling
- Content capture for all web traffic (HTML, JSON, CSS, JS, images, etc.)
- Real-time content replacement using configurable regex patterns
- Three-tab interface: Browser, Capture Log, and Content Replacement
- FastAPI backend for content management and API access
- JSON-based configuration stored in
./captures/replacements.json - Regex pattern matching with full flag support (IGNORECASE, MULTILINE, etc.)
- Content-type filtering (HTML, JSON, CSS, JavaScript)
- Live reload - changes take effect immediately
- Visual indicators showing which content has been modified
- Replacement statistics tracking
- Automatic content organization by flow ID
- Complete metadata storage (headers, timestamps, status codes)
- Content-aware file storage (HTML as .html, JSON as .json, etc.)
- Performance optimized loading with duration tracking
- Visual indicators (๐ for modified content, ๐ก for original)
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ PyQt6 Desktop App โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ QtWebEngine Browser โโ
โ โ (SSL Bypass + Auto Proxy) โโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ Tab Interface โโ
โ โ โข Browser โโ
โ โ โข Capture Log โโ
โ โ โข Content Replacement โโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโ
โ All Traffic
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Integrated mitmproxy Server โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ ContentCaptureAddon โโ
โ โ โข Intercepts requests/responsesโโ
โ โ โข Applies replacements โโ
โ โ โข Saves content & metadata โโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ ContentReplacer โโ
โ โ โข Regex pattern matching โโ
โ โ โข Content-type filtering โโ
โ โ โข Real-time modification โโ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโ
โ
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Storage Layer โ
โ โข ./captures/[flow-id]/ โ
โ - metadata.json โ
โ - response.html/json/txt โ
โ - request.bin โ
โ โข ./captures/replacements.json โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
OSBot-PyQt6/
โโโ osbot_pyqt6/
โ โโโ main_app.py # Main application entry point
โ โโโ start_mitmproxy.py # Integrated mitmproxy implementation
โ โโโ content_replacer.py # Content replacement engine
โ โโโ server.py # FastAPI backend server
โ โโโ Version.py # Version management
โ โโโ __init__.py # Package initialization
โ
โโโ captures/ # Auto-created storage directory
โ โโโ replacements.json # Content replacement rules
โ โโโ [flow-id]/ # Captured content by flow
โ โโโ metadata.json
โ โโโ response.html
โ โโโ request.bin
โ
โโโ README.md # This file
# Start the application
cd osbot_pyqt6
python3 ./main_app.py
# All web traffic is automatically captured
# Check the Capture Log tab to see intercepted requests{
"replacements": [
{
"name": "Replace 'Dinis' with 'MODIFIED'",
"pattern": "\\bDinis\\b",
"replacement": "******MODIFIED****",
"flags": ["IGNORECASE"],
"content_types": ["text/html", "application/json"],
"enabled": true,
"description": "Example replacement"
},
{
"name": "Add banner to HTML pages",
"pattern": "(<body[^>]*>)",
"replacement": "\\1<div style=\"background: black; color: white; padding: 10px; text-align: center;\">โ ๏ธ CONTENT MODIFIED BY PROXY โ ๏ธ</div>",
"flags": ["IGNORECASE"],
"content_types": ["text/html"],
"enabled": true
}
]
}# Custom ports
python3 ./main_app.py --api-port 8001 --proxy-port 8081
# Disable content replacement
python3 ./main_app.py --no-replacement
# Quiet mode (less verbose output)
python3 ./main_app.py --quietThe application automatically sets up required environment variables for SSL bypass:
QTWEBENGINE_CHROMIUM_FLAGS: Comprehensive SSL and security bypass flagsQTWEBENGINE_DISABLE_SANDBOX: Disabled for developmentQTWEBENGINE_REMOTE_DEBUGGING: Port 9222 for debugging
Each rule in replacements.json supports:
- name: Descriptive name for the rule
- pattern: Regular expression pattern
- replacement: Replacement string (supports backreferences)
- flags: Array of regex flags (IGNORECASE, MULTILINE, DOTALL, etc.)
- content_types: Array of MIME types to apply the rule to
- enabled: Boolean to enable/disable the rule
- description: Optional description
- Modify any text content as it passes through the proxy
- See changes instantly in the browser
- Visual indicators show modified content (๐) vs original (๐ก)
- Every request and response is captured
- Organized storage with metadata
- Quick access to captured content through the Capture Log tab
- Edit rules through the UI or directly in JSON
- Reload rules without restarting the application
- View statistics on rule applications
Browser doesn't load HTTPS sites:
- Ensure mitmproxy is running (check Proxy status indicator)
- SSL bypass is automatically configured
Content replacement not working:
- Check that replacement is enabled (green status indicator)
- Verify your regex patterns in the Content Replacement tab
- Ensure the content type matches your rule configuration
Application won't start:
- Install all dependencies:
pip install PyQt6 PyQt6-WebEngine mitmproxy fastapi uvicorn requests osbot-utils - Check that ports 8080 (proxy) and 8000 (API) are available
Contributions are welcome! Please feel free to submit pull requests or open issues for bugs and feature requests.
- Fork the repository
- Create your feature branch:
git checkout -b feature/amazing-feature - Commit your changes:
git commit -m 'Add amazing feature' - Push to the branch:
git push origin feature/amazing-feature - Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- mitmproxy team for the excellent proxy framework
- PyQt6 for robust desktop application capabilities
- FastAPI for the clean API framework
- OWASP community for security research and tools
Note: This tool is intended for authorized security testing, web development, and research purposes only. Always ensure you have permission before intercepting or modifying web traffic.