A few things for everyone to think about. This tool seems to be aimed more on the non-interactive side. There are several other good tools out there which do this, but most of them are not oriented towards performing software assessments. Webmitm does good for HTTP/HTTPS, as does Burp Suite (transparent non-proxy aware stuff). There are a lot of tools in this space. There are very few that will let you interactively debug non-HTTP(s) TCP and SSL.
I released a tool with a colleague back in 2010 designed for assessing non-proxy aware (mostly non-HTTP(S)) applications. It was aimed at getting those hard to reach TCP and SSL wrapped TCP apps that other proxies don't let you work with interactively. Mallory does the exact same on the fly cert generation etc. As does Burp Suite a professional grade HTTP proxy, that can operate in transparent mode. I much prefer Burp to webmitm for day to day work.
SSL Split also supports more NAT mechanisms than Mallory and most other tools (which just tend to be iptables/Linux aware). That is one of the real nice pieces of this code.
We did add in a few neat things into Mallory. SSH MiTM that, when it works, lets you open up your own PTYs on the back of the user's SSH session. A GUI that lets you do binary level regex to play with traffic on the fly. HTTP plugins along with a Chrome extension for hijacking sessions and some other fun things, which were mostly just for demonstration of what a MiTM proxy can do and be. Making a MiTM proxy protocol aware can be very powerful. Mallory is still a little buggy and tricky to use, but it has served me well in performing blackbox app assessments for many years.
I released a tool with a colleague back in 2010 designed for assessing non-proxy aware (mostly non-HTTP(S)) applications. It was aimed at getting those hard to reach TCP and SSL wrapped TCP apps that other proxies don't let you work with interactively. Mallory does the exact same on the fly cert generation etc. As does Burp Suite a professional grade HTTP proxy, that can operate in transparent mode. I much prefer Burp to webmitm for day to day work.
SSL Split also supports more NAT mechanisms than Mallory and most other tools (which just tend to be iptables/Linux aware). That is one of the real nice pieces of this code.
We did add in a few neat things into Mallory. SSH MiTM that, when it works, lets you open up your own PTYs on the back of the user's SSH session. A GUI that lets you do binary level regex to play with traffic on the fly. HTTP plugins along with a Chrome extension for hijacking sessions and some other fun things, which were mostly just for demonstration of what a MiTM proxy can do and be. Making a MiTM proxy protocol aware can be very powerful. Mallory is still a little buggy and tricky to use, but it has served me well in performing blackbox app assessments for many years.
http://bitexploder.com/BlackHat-USA-2010-Umadas-Allen-Networ... (Check this out if you want an overview of how to configure a system to support a tool like SSLSplit or Mallory)
https://bitbucket.org/IntrepidusGroup/mallory (reasonably up to date code, its not the easiest thing to set up, though).