Note that HTTPS, unlike says VPNs (IPSec, Wireguard...), provides authenticity protection up to the application itself. If the kernel sends a modified packet to the application, it will be rejected by the application.
As a result, to implement HTTPS interception / rewrite / injection you need some degree of modification of the application itself. The "minimal" way is to add a new TLS certificate to the certificate trust store the application uses that is marked as "allowed for every domain" (that's what Burp suite does). It seems that HTTP toolkit does it differently for the browsers it supports, probably a plugin/extension added to the browser that alters the traffic after the TLS block (HTTPS is HTTP over TLS)
No plug-in or extension. I dug in when I first learned about it because I wanted to make sure I understood how it would impact browser security when it was not in use. The strategy differs per browser, but essentially they launch the supported browsers with a self-signed certificate and a custom profile. No configuration changes needed for the browser, which is really nice.
I was expecting the article to contain a note about SQLBoiler (https://github.com/volatiletech/sqlboiler) and why they didn't use it, but it doesn't. So I was expecting SQLBoiler to be heavily mentioned in the comments, but it's not the case.
I think it's like this: Each line with "###" in bold is a system call, and the preceding non-bold lines show the corresponding backtrace (sequence of nested active function calls at the time of the system call).
A system call is expensive, but not as expensive as a context switch between two user processes.
As a result, to implement HTTPS interception / rewrite / injection you need some degree of modification of the application itself. The "minimal" way is to add a new TLS certificate to the certificate trust store the application uses that is marked as "allowed for every domain" (that's what Burp suite does). It seems that HTTP toolkit does it differently for the browsers it supports, probably a plugin/extension added to the browser that alters the traffic after the TLS block (HTTPS is HTTP over TLS)