Paros and Charles are tools that can intercept SSL encrypted traffic by acting as a man-in-the-middle. They emulate the server when talking to the client and the client when talking to the server, allowing the intercepted traffic to be viewed and analyzed in plain text. To use Paros, one configures it as either an outgoing or local proxy and then sets the browser to use that proxy. Any HTTPS traffic can then be seen by Paros, including usernames and passwords. Paros also allows modifying the intercepted traffic using traps. Charles works similarly by configuring it as the proxy on the client device. These tools are useful for debugging, development, and testing applications using SSL, not for illegal hacking.