Skip to content

Mitm capture documentation #1655

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Puxtril wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Mitm capture documentation #1655

Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
f22b941
Add MITMProxy capture documentation
Puxtril Feb 13, 2026
b8d694a
Add warning for captured traffic
Puxtril Feb 13, 2026
af9c5db
Clarified documentation
Puxtril Feb 20, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 25 additions & 0 deletions docs/source/contribute.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,31 @@ You can also execute the tests against a real device using `uv run pytest --ip=<
Note that this will perform state changes on the device.
```

## Capturing network traffic with MITMProxy

**WARNING**: The captured network traffic will likely contain your email/password in plaintext!

[MITMProxy](https://www.mitmproxy.org/) is open-source software designed to capture network traffic between the source and destination. This guide will show you how to capture HTTPS traffic between your Tapo/Kasa app and the Tapo/Kasa device.

Required:
- Tapo/Kasa device (factory reset)
- Smartphone (Currently only Android is tested)
- A Tapo/Kasa account (can be a throwaway)
- PC/Laptop with WiFi connectivity

Steps:

1. Install MITMProxy on your PC/Laptop using the [official MITMProxy guide](https://docs.mitmproxy.org/stable/overview/installation/).
1. Start MITMProxy (or MITMWeb) with the following flags: `--ssl-insecure --save-stream-file <filename>`.
1. Configure your smartphone to route traffic to MITMProxy using the [official guide](https://docs.mitmproxy.org/stable/overview/getting-started/).
1. You will need to connect your PC/Laptop to the wifi network broadcasted by the Tapo/Kasa device. Make note of the new IP address assigned to your PC/Laptop.
1. During the provisioning process, some commands will be sent on the Tapo/Kasa network, then the device will connect to your home network, then *more* commands will be sent. Since Android proxies traffic based on Wifi connections, it's recommended that before beginning the provisioning process, proxy traffic on both the Tapo/Kasa network **and** your home network to the PC/Laptop running MITMProxy. Keep in mind, your PC/Laptop will have different IP addresses on the respective networks.
1. Open the Tapo/Kasa app and go through the provisioning process. You should see network traffic appearing on your MITMProxy interface.
1. Once completed, close MITMProxy. Since we used the flag `--save-stream-file` to start MITMProxy, all captured traffic has been recorded to the local file.

MITMProxy may be re-opened with the captured file using `mitmproxy -r <filename>`. Python scripts may also be written to parse the captured flow file.


## Analyzing network captures

The simplest way to add support for a new device or to improve existing ones is to capture traffic between the mobile app and the device.
Expand Down
Loading