It's not too hard to MITM HTTPS traffic in a corporate setting -- you run your own internal root CA that approves the same cert for all domains, and add its public key to the browsers on all of the company's computers. Then instead of running a normal socks proxy, you just route all external IPs to a gateway box that proxies on 80 and 443.
I've seen this proxy method used at a company before, but I'm pretty sure they just passed through the https traffic instead of fucking with the certs. I'll have to check the next time I'm on-site...
I've seen this proxy method used at a company before, but I'm pretty sure they just passed through the https traffic instead of fucking with the certs. I'll have to check the next time I'm on-site...