Burp suite is a succesfull MITM proxy and has some attacking tools in it. It has both of a free and commercial version. I am using the free version of it on penetration testing sessions.

Maybe you know that, this month is the month of Burp and the Burp blog is releasing a feature of it everyday. According to the blog , there will be major enhancements and some new tools in the Burp suite.

Yesterday, they have talked about the drawbacks of commercial web application scanners and also talked about a free one. Today released a blog about their web app scanner but it'll be available in only commercial version of Burp. I am very disappointed about this issue. We'll go with the free version's enhancements and maybe new free components