- Manually walk the entire authenticated application, or designated portion. Populating all areas and using all application functionality.
- Analyze mitmproxy logs to identify all application entry points, and other OWASP areas of interest. (mitmproxy's "Limit" feature makes this fast and easy)
- Manually Test every endpoint, or other item, by duplicating the request, editing, and resending.
This is pretty basic, so I'm sure you see how this could be done with burp's repeater and intruder, which were the main areas I used. - Stage requests in Hackbar on Firefox and send the request, which goes through mitmproxy.
- Use Mitmproxy for fine-tuning anything, watching the details, and scripting the tedious.
> One of the things we're doing this year for our clients is selling them on the idea of doing basic security integration testing as part of their normal dev process, which might involve these companies buying copies of Burp for their team. But I could probably be convinced that mitmproxy would work just as well. Log in -> Create widget -> edit widget -> destroy widget -> submit note
Then, I can pass this to mitmdump to be replayed, with sticky-cookies enabled, and I just watch the output to make sure the output is correct. - Duplicate the request for every POST parameter in the request
- Inject the list of characters in to the post parameter
- Run/Replay the new request
Hopefully you can make sense of my examples. I think by replaying request, or writing simple testing scripts, you could automate a lot of the basic security integration testing.
(https://www.krackattacks.com/#openbsd)