caido
Proxyman
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
caido
-
Autorize – The most popular tool to discover AuthZ/AuthN flaws
Caido[1] a interception proxy written in Rust, is positioning itself as a "lightweight" alternative to Burp. It can't compete yet with Burp in terms of functionality, although it's certainly looking promising.
Perhaps one of few contenders to Burp in respect to features is ZAP[2].
[1] https://caido.io/
[2] https://www.zaproxy.org/
-
Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting
Thanks for the review and kind words. This was really one of the core goal to make it super accessible.
We developed it in Rust because we wanted to create a client/server architecture that you can deploy everywhere (Caido runs even on a rapsberry pi). We worked a lot on the frontend to make it snappy too, so its a combination of both.
Yes for sure, there is a privacy concern too with us forwarding request. It is in the issues of https://github.com/caido/caido.
-
Good alternative to postman ?
I have not tried it myself, but there is a tool called Caido https://www.youtube.com/watch?v=qLVu7rg9btk
-
Public beta of Caido, a BurpSuite alternative
Yes we are planning to work on extensions, but it is a bit more complicated to do in compiled languages like Rust and we have some tech debt to repay before we can start the work on that. You can follow the issue https://github.com/caido/caido/issues/2
- Show HN: Caido, a lightweight web security auditing toolkit
Proxyman
- Ask HN: Black Friday Discounts/Specials
-
Show HN: Pākiki Proxy – An intercepting proxy for penetration pesting
I previously used Proxyman [1] on iOS to the http requests send over TLS. It worked rather nicely. Proxyman in this case starts a VPN which handles all the traffic. It uses custom certificate to decrypt the messages.
[1] https://proxyman.io/
-
A collection of useful Mac Apps
Proxyman - Price: Free (optional paid plans available) Modern and intuitive HTTP/HTTPS debugging proxy app for macOS.
-
What are your favorite apps that has active development? (frequent new features, bug fixes, etc)
I'm using self-developed app MindMac daily to talk with ChatGPT, Proxyman to capture network, TablePlus to access databases and CleanshotX to take screenshots. All of them are currently in an active status.
- Software Developer Mac Apps
-
Mac Power Users 690: Better Touch Tool with Andreas Hegenberg
Links and Show Notes:More Power Users: Ad-free episodes with regular bonus segmentsSubmit Feedbackfolivora.ai - Great Tools for your Mac!iPhone Praktikum 2009GitHub - quicklywilliam/multiclutch: Customization App for Macbooks with MultiTouch supportHopperFSMonitorProxyman · Native, Modern Web Debugging Proxy · Inspect network traffic from Mac, iOS, Android devices with easeCharles Web Debugging Proxy • HTTP Monitor / HTTP Proxy / HTTPS & SSL Proxy / Reverse ProxyBTT and Chat GPT
- PSA: Switching 2FA apps - Don't migrate, recreate
-
Ask HN: Side project of more that $2k monthly revenue what's your project?
I've never tried it. Maybe you should give it a try. If it doesn't work, please create a ticket at https://github.com/ProxymanApp/Proxyman/issues
I'm happy to support you.
-
Why is the iOS chess.com app trying to connect to Proxyman?
Basically, Atlantis is a framework from Proxyman to capture their HTTP/HTTPS traffic for debugging purposes. It only needs during development, and should be removed from the production (AppStore) build.
-
Software for monitoring data that is received through a Wi-Fi network?
Wonder if this application matches your demand: https://proxyman.io/
What are some alternatives?
offensive-docker - Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
grpc-tools - A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.
ZAP - The ZAP core project
flipper - A desktop debugging platform for mobile developers.
wstg - The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
mitmproxy - An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Requestly - 🚀 Most Popular developer tool for frontend developers & QAs to debug web and mobile applications. Redirect URL (Switch Environments), Modify Headers, Mock APIs, Modify Response, Insert Scripts & Record web sessions and share it with your teammates for debugging.
murder - Large scale server deploys using BitTorrent and the BitTornado library
atlantis - Capture HTTP/HTTPS, and Websocket from iOS app without proxy.
Hoppscotch - Open source API development ecosystem.
httptoolkit - HTTP Toolkit is a beautiful & open-source tool for debugging, testing and building with HTTP(S) on Windows, Linux & Mac :tada: Open an issue here to give feedback or ask for help.