diff --git a/modules/http_proxy_base.go b/modules/http_proxy_base.go index 9d92a6f0..94092728 100644 --- a/modules/http_proxy_base.go +++ b/modules/http_proxy_base.go @@ -42,7 +42,7 @@ type HTTPProxy struct { isTLS bool isRunning bool - stripSSL bool + stripper *SSLStripper sniListener net.Listener sess *session.Session } @@ -60,8 +60,8 @@ func NewHTTPProxy(s *session.Session) *HTTPProxy { Name: "http.proxy", Proxy: goproxy.NewProxyHttpServer(), sess: s, + stripper: NewSSLStripper(false), isTLS: false, - stripSSL: true, Server: nil, } @@ -109,7 +109,7 @@ func (p *HTTPProxy) doProxy(req *http.Request) bool { func (p *HTTPProxy) Configure(address string, proxyPort int, httpPort int, scriptPath string, stripSSL bool) error { var err error - p.stripSSL = stripSSL + p.stripper.Enabled = stripSSL p.Address = address if scriptPath != "" { @@ -295,6 +295,13 @@ func (p *HTTPProxy) Start() { go func() { var err error + strip := core.Yellow("enabled") + if p.stripper.Enabled == false { + strip = core.Dim("disabled") + } + + log.Info("%s started on %s (sslstrip %s)", core.Green(p.Name), p.Server.Addr, strip) + if p.isTLS == true { err = p.httpsWorker() } else { diff --git a/modules/http_proxy_base_filters.go b/modules/http_proxy_base_filters.go index d43a9ee8..9e1e53cc 100644 --- a/modules/http_proxy_base_filters.go +++ b/modules/http_proxy_base_filters.go @@ -18,6 +18,18 @@ func (p *HTTPProxy) onRequestFilter(req *http.Request, ctx *goproxy.ProxyCtx) (* return req, nil } + // sslstrip preprocessing, takes care of: + // + // - patching / removing security related headers + // - making unknown session cookies expire + // - handling stripped domains + redir := p.stripper.Preprocess(req, ctx) + if redir != nil { + // we need to redirect the user in order to make + // some session cookie expire + return req, redir + } + // run the module OnRequest callback if defined jsreq, jsres := p.Script.OnRequest(req) if jsreq != nil { 
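Review bot: In the NewHTTPProxy hunk (`@@ -60,8 +60,8 @@`) the constructor default silently flips: the removed `stripSSL: true` is replaced by `stripper: NewSSLStripper(false)`, so a proxy that is used before Configure runs now has stripping off where it used to be on. Off until explicitly configured is the more conservative default, but nothing in the commit records that the change is deliberate. A comment on the new line such as `// off by default; Configure() sets it from its stripSSL argument` would do. The struct literal starts outside the hunk.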
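Review bot: `p.stripper.Enabled = stripSSL` in the Configure hunk (`@@ -109,7 +109,7 @@`) dereferences a pointer that, as far as this diff shows, only NewHTTPProxy allocates. It also writes a plain bool that Preprocess reads on the request path and that the Start goroutine reads for its log line. If any HTTPProxy is built by struct literal elsewhere (not visible here) this line panics on a nil stripper, and if Configure can be called while the proxy is serving, the write is an unsynchronised data race. A guard such as `if p.stripper == nil { p.stripper = NewSSLStripper(false) }` before the assignment covers the first case; for the second, either document that Configure must precede Start or make the flag atomic. Configure's body continues outside the hunk.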
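Review bot: The new `log.Info("%s started on %s (sslstrip %s)", ...)` in the Start hunk (`@@ -295,6 +295,13 @@`) is emitted before `p.httpsWorker()` or the else branch is reached. The log will therefore say "started" even if the worker then fails, presumably when binding the listener, and anyone using this line as a record of when interception was active gets a false entry. Wording it as "starting", or logging once the worker reports the listener is up, would keep the record accurate. `p.stripper.Enabled == false` is also more idiomatic as `!p.stripper.Enabled`. The goroutine body continues outside the hunk.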
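Review bot: The comment block added to onRequestFilter in modules/http_proxy_base_filters.go repeats the doc comment on `SSLStripper.Preprocess` word for word, so the two copies will drift apart. One line such as `// sslstrip hook, see SSLStripper.Preprocess` is enough here. The result can also be scoped to the check with `if redir := p.stripper.Preprocess(req, ctx); redir != nil { return req, redir }`. This early return happens before `p.Script.OnRequest`, so a loaded script never sees a request that gets redirected; if that ordering is intended the comment should say so. The function continues outside the hunk.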
diff --git a/modules/http_proxy_base_sslstriper.go b/modules/http_proxy_base_sslstriper.go
new file mode 100644
index 00000000..5cf0717e
--- /dev/null
+++ b/modules/http_proxy_base_sslstriper.go
@@ -0,0 +1,48 @@
+package modules
+
+import (
+ "net/http"
+ "sync"
+ // "strings"
+
+ // "github.com/bettercap/bettercap/core"
+ // "github.com/bettercap/bettercap/log"
+
+ "github.com/elazarl/goproxy"
+)
+
+type cookieTracker struct {
+ sync.RWMutex
+ set map[string]string
+}
+
+func NewCookieTracker() *cookieTracker {
+ return &cookieTracker{
+ set: make(map[string]string),
+ }
+}
+
+type SSLStripper struct {
+ Enabled bool
+ cookies *cookieTracker
+}
+
+func NewSSLStripper(enabled bool) *SSLStripper {
+ return &SSLStripper{
+ Enabled: enabled,
+ cookies: NewCookieTracker(),
+ }
+}
+
+// sslstrip preprocessing, takes care of:
+//
+// - patching / removing security related headers
+// - making unknown session cookies expire
+// - handling stripped domains
+func (s *SSLStripper) Preprocess(req *http.Request, ctx *goproxy.ProxyCtx) (redir *http.Response) {
+ if s.Enabled == false {
+ return
+ }
+
+ return
+}
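Review bot: The doc comment on Preprocess lists header patching, cookie expiry and stripped-domain handling, but the body returns nil on both paths, so the comment describes behaviour that does not exist yet and the Enabled flag currently changes nothing. Start the comment with the method name and mark it as a stub, e.g. `// Preprocess is the sslstrip request hook; not implemented yet, it always returns nil.`. The guard is better nil-safe and explicit, `if s == nil || !s.Enabled { return nil }`, instead of `== false` with naked returns. The commented-out imports (`"strings"`, `core`, `log`) should be dropped until they are used. `NewCookieTracker` is exported but returns the unexported `*cookieTracker`, so `newCookieTracker` would be the consistent name.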