Want an alternative to Chrome's network tab?
HTTP Toolkit is a supercharged alternative to Chrome's built-in networking tools, designed for faster debugging and complete control of any HTTP(S) traffic.
HTTP Toolkit has all the core network debugging features you already know, plus:
- A fully featured body editor powered by the internals of VS Code to explore, search and examine request and response bodies with autoformatting and folding for JSON, CSS, HTML, XML, and more
- Flexible rules to automatically rewrite traffic so you can match requests and breakpoint them, return mock responses, simulate errors, create timeouts, redirect traffic and more
- Interception for other browsers and tabs: capture and compare traffic from different sessions, all in one place.
- Powerful filtering, including tools to pin and delete of individual requests, to collect and examine just the requests and responses that matter to you
- Built-in documentation for every standard HTTP header & status code, plus specific endpoint docs & validation for 1400+ popular APIs
- Caching and compression analysis, to explain how and why responses might (or might not) be cached in future, and automatically highlight errors and potential improvements in your configuration
All within a modern beautiful UI, available for Windows, Linux & Mac, and of course 100% open-source.
Join 442,000 happy developers:
Today I discovered this amazing open source tool call HTTP Toolkit that you can use to intercept HTTP and HTTPS traffic for analysing and debugging. In case you want to look at header and body of your HTTP messages then this tool is really amazing.
Pro tip: If you want to debug @trpcio remote procedure calls in @reactjs server components, HTTP Toolkit is your best friend
Acabo de descubrir HTTP Toolkit y me flipa: httptoolkit.com. Una herramienta para interceptar, depurar, testear y simular con HTTP. Y además es de código abierto.
Totally unpaid product endorsement: really really like HTTP Toolkit for debugging LLM requests/responses. One click copy-paste into your terminal and all requests/responses including SSL are automatically proxied and viewable.
HTTP Toolkit is a powerful tool for examining HTTP traffic...
It's a versatile tool ideal for monitoring traffic and prototyping new endpoints or services.
I've been using this for the past year and it is amazing!
...
HTTP toolkit is a must-have for every single developer tool box.
I love @pimterry's HTTP Toolkit so damn much, it's the only thing that let me intercept Android apps' requests, and did it with just two clicks.
I'm just stunned, fantastic work.
Great tool for debugging and mocking HTTP requests httptoolkit.com #debugging #softwaredevelopment
When it comes to flutter app penetration testing it's a nightmare for me. But today I found an awesome tool HTTP Toolkit which helps to inspect flutter app traffic with a seamless connection. Thank you HTTP Toolkit
@pimterry knows what he is doing. Great code in HTTP toolkit.
There are many proxy servers to choose from for Android, the most easy to use I would say from the lot is HTTP Toolkit. The setup is a breeze, if you are coming from Charles Proxy or Proxyman etc, you will definitely love the simplicity.
If you ever want to easily look at what api calls your non-browser process is making, then httptoolkit.com is really effective and trivial to setup. Saved me a lot of time, a very neat tool.
Dude your tool is #@!%*€& amazing thank you so much!
HTTP Toolkit is the first thing I install before even starting to work on any project
what an awesome tool!!
HTTP Toolkit is one of the most useful debugging tools EVER! You can intercept all HTTPS requests AND responses and MOCK responses! So FUDGING valuable!
So excited to see this tool develop and just submitted a software request to my company!
HTTP Toolkit is a nice looking and intuitive tool to intercept, view, and debug HTTP(S) endpoints...
During the preparation of this article, HTTP Toolkit has been the tool working best out of the box — no configuration was necessary.
Working with @erkang to get past an unexpected API response uploading #jupiterone security policies to #confluence for our customers. Bumped into httptoolkit.com amazed how it just worked to trace HTTP from any Terminal.app sub-process!
Just tested it. Works like a charm! Thank you so much!
Awesome tool! Really makes your life easier than having to intercept with Charles.
Man I have no idea how I built web apps before HTTP Toolkit. If you haven't gotten it yet get it now! Being able to intercept ALL outgoing requests (including pre-flight OPTIONS for CORS reqs!!) is v v handy
HTTP Toolkit is a must-have for developers and security enthusiasts! With its user-friendly interface, it lets you intercept, inspect, and manipulate HTTP(S) traffic effortlessly.
Unlike other HTTP debuggers, HTTP Toolkit provides automatically targeted interception for specific clients, including HTTPS setup, rather than intercepting everything from your entire computer, and so avoids capturing irrelevant traffic or disrupting other applications.
OK, confirmed by HTTP Toolkit (which is ace BTW!), Chrome (stable) is not making HTTP requests to my endpoint...
Wow. I switched from AdvancedRestCient and mitmproxy to HTTP Toolkit and my life has just changed. I'm noticing additional traffic from my printer I didn't notice with mitmproxy. The configuration is also much more easier to achieve. I've never been a fan of Postman or Insomnia.
Amazing tool! Super simple to setup, and just works.
I'm always impressed at the thought that went into it when I fire up HTTP Toolkit
I just tried HTTP Toolkit after used charles.
Wow! Less than 5 minutes to make my Ubuntu intercept https traffic from my smartphone. Fast and simple!
And it's open source !
This overview of HTTP Toolkit barely scratches the surface of what it can do for you...
If you're a tester or developer who has to check these kinds of applications or services, HTTP Toolkit is a valuable tool to have around.
Stumbled upon a nice find - it's an open source alternative software to the likes of Burp Suite etc. Very handy and neatly done, have a look: httptoolkit.com
Tried out HTTP Toolkit to custom map some requests on Android. Very impressed with it, good UI and the automatic certificate setup with emulator is great
Excellent open-source HTTP debugging! httptoolkit.com
Your tool is way better than Charles
...
Editing requests on the go without doing any extra work is just amazing.
I like HTTP Toolkit's integration with @OpenApiSpec! Nifty little feature that overlays OpenAPI documentation over a Postman like experience.
Where I had trouble getting Fiddler to recognize calls made from my terminal, HTTP Toolkit just worked immediately.
Thank you for your quick response! I really like your tool and will recommend it to anyone inspecting the privacy issues of websites :)
I use HTTP Toolkit, it's really nice.
Oh that's really nice, love how you can intercept an individual browser window. So long mitmproxy!
Recently I came across this amazing tool named HTTP Toolkit for reverse engineering one of my Android App. This tool helps you to intercept and view all your https by connecting with ADB and by providing a user friendly GUI.
...I highly recommend HTTP Toolkit - they have most of the setup automated and really nice docs
...super helpful for debugging, testing, and quick API prototyping
Wow httptoolkit.com is one of the best development tools I've seen in a while.
If you need to inspect HTTP traffic from (say) Node.js app, try HTTP Toolkit. No need to mess with proxy settings or self-signed certificates, just start a "Fresh Terminal" and start your app. Works like a charm
You made my day with httptoolkit.com
Amazing
HTTP Toolkit's Github is so delightful, it explain each of the component clearly and they open source all of the codes. Can't wait to test it!
Must have tool for android pentest!!
I've had really good experience with Http Toolkit as a proxy. Very user friendly. QA loves it for Android
Even better than having multiple options to collect HTTP traffic is how dead-simple it is to begin accumulating valuable data from your applications and services.
Intercept
Capture HTTP(S) with zero setup
Automatic setup for targeted interception of HTTP & HTTPS from most clients, including:
- Desktop browsers like Chrome, Edge, Brave & Firefox
- Android applications and browsers
- Backend & scripting languages, like Node.js, Python, Java & Ruby
- Docker containers, and almost all terminal or Electron-based applications
- More coming soon, all powered by your feedback
For platforms without automatic setup, HTTP Toolkit can be used as an HTTP(S) proxy, compatible with HTTP requests from any language or tool.
Inspect
Explore, search & examine HTTP
Skim through traffic with highlighting by content type, status & source, or use powerful filtering tools to precisely match the messages that matter to you.
Examine the URL, status, headers & body of each request or response, with inline explanations & docs from MDN.
Dig into message bodies with highlighting & autoformatting for JSON, HTML, JS, hex and others, all using the power of Monaco, the editor from Visual Studio Code.
Breakpoint
Pause & edit live HTTP traffic
Precisely match requests, jump to them when they appear, and edit anything: the target URL, method, headers or body.
Manually respond directly to requests as they arrive, or pass them upstream, and pause & edit the real response on the way back.
Step through HTTP traffic request by request, or manually mock endpoints and errors.
Mock
Test with fully automated mock responses Pro
Create rules to match requests and respond with your own content, to quickly prototype against new endpoints or services.
Define new endpoints, override existing ones, or replace external services, to reproduce tricky edge cases and test your error handling.
Import & export your mock rulesets, to build complex setups and share them with your team.
Edit
Rewrite anything
Inject request timeouts, simulate connection failures, and silently redirect requests from one server to another.Pro
Precise matching lets you target the requests you care about. Match any requests sent anywhere by using HTTP Toolkit as a proxy, send requests directly to use it as a mock server.
And there's more to come too!
Future plans include security analysis & metrics, session-wide performance graphs & analysis, HTTP client tooling, scripting integrations & more...
Sound good? ,
or download now below.
Try it for yourself
Dive in at github.com/httptoolkit
by Tim Perry