MITM Proxy is a great tool for a Penetration Tester to examine the client's vulnerabilities. It allows the administrator to examine the HTTPS connection, halt, examine, and reply traffic. MITM Proxy allows an administrator to alter the request or response from a web server.

MITM Proxy can allow a Penetration Tester to examine the attacks quickly and see what requests and responses are coming from the web browser. MITM Proxy can be launched by going to Kali | Sniffing/Spoofing | Web Sniffers and selecting mitmproxy.

Once MitM proxy is loaded, you will need to point your client's web browser to the your Kali server. MITM will display the web requests transactions that occur on the client-side as shown in the following screenshot:

There will be a log of all browser activity going through the client. Although MITM Proxy is not used as an active component in a typical web Penetration Test, it is a great tool to use when setting up and testing SET before using the package in a live environment. In later chapters, we will examine other types of proxies; however, the reason we like MitM Proxy is because it is an easy way as Penetration Tester you can test attack tools by having them connected directly on your Kali Linux box.