Show HN: Derusted – An open-source programmable HTTPS MitM proxy engine in Rust
github.comI've released Derusted — a programmable HTTPS MITM proxy engine written in Rust.
This grew out of frustration with existing MITM and proxy tooling being: - unsafe or outdated - coupled to one runtime or protocol - hard to embed into other projects - not flexible for security/compliance use cases
Derusted is a library-first design, meant to be used inside other systems like: - browser automation tooling - secure proxies and gateway stacks - traffic inspection - network research - observability and incident response tooling
Highlights: - Written fully in safe Rust - Supports HTTP/1.1 & HTTP/2 MITM - Pluggable inspection pipeline - Certificate generation + pinned cert detection - Redaction support for sensitive data - No `unsafe` - ~150 tests
Links: Repo: https://github.com/kumarimlab/derusted Crate: https://crates.io/crates/derusted Docs: https://docs.rs/derusted/latest/derusted/
Still early, but I'd love feedback — especially around QUIC/H3, benchmarking, use cases, and potential improvements.
Happy to answer questions.