The Middler was announced back at Defcon 16, but I think Shmoocon was the first time anyone outside of the developers has seen this code running. They were literally coding the Middler right up until the talk. One of the developers even joked that the Middler was so aggressive it was hooking its own calls to the services it uses, in essence man-in-the-middle attacking itself.
The Middler is also notable as Beale's first foray into this kind of attack tool. He is best known for Bastille Linux, a set of tools for hardening GNU/Linux. The rest of his work follows in that vein, supporting defenders in their efforts to harden systems and software.
The Middler is written in Python and as a consequence is quite portable. The first release, made available right after the talk, is able to run on Linux and OS X out of the box. They assured the audience that the work to bring it to other platforms is pretty straightforward and low level: the bulk of the Middler code should run fine once packet data is correctly flowing into it. Another reason for implementing it in Python is to make extending it as accessible as possible. It supports plugins, though I am not clear on whether those also need to be written in Python, but I suspect that to be the case.
Most of what the actual injection code does is match patterns in the incoming pages. They started with regular expression matching, but for throughput a lot of the initial actions just use string matching. It sounds like plugins will be pretty flexible, really only limited by the time and ability of people to implement new rules and actions.