Authorized web security testing

Interceptor

Interceptor is a desktop HTTP/HTTPS proxy for security testers, developers, and auditors who need controlled traffic capture, opt-in TLS interception, manual replay, passive analysis, and evidence-ready reporting without sending project data to a cloud service.

Download Explore 68 features

Interceptor desktop workspace

A local-first HTTP and HTTPS testing proxy for capture, replay, diagnostics, findings, and reporting.

HTTP/HTTPSWebSocketmTLSReports
68documented features
8major categories
100%local-first workflow
99€per year

Major categories

A complete manual testing loop.

Interceptor combines capture, low-level diagnostics, replay, scanning, project organization, and reporting so a test can move from first request to final evidence without losing context.

01

Proxy & Capture

Capture HTTP and HTTPS traffic, handle CONNECT, keep upstream behavior visible, and control TLS interception explicitly.

02

Intercept & Edit

Pause requests or responses, edit raw messages, forward or drop, and keep user-visible modifications auditable.

03

Replay & Fuzz

Send traffic to Repeater or Intruder, compare variants, track outcomes, and keep active work inside defined scope.

04

Storage & Search

Persist exchanges locally, search full text, spool large bodies, annotate traffic, and preserve project sessions.

05

Scanning & Findings

Generate passive findings, run opt-in checks, manage lifecycle state, and connect issues to evidence.

06

Project Workflow

Use project health, target scope, checklists, evidence boards, and reports to keep engagements organized.

07

Network Diagnostics

Inspect DNS, TCP, upstream proxy, TLS handshake, byte counters, close reasons, and chaining behavior.

08

Safety & Extensibility

Keep TLS MITM opt-in, CA handling manual, active tooling scope-aware, and extensions explicit.

Product boundary

Built for authorized environments.

TLS interception is opt-in. CA trust is never installed automatically. Active tooling is scope-aware. The product is intended for authorized security testing, application debugging, and internal traffic analysis.

View the full feature list

Start with traffic. Finish with evidence.

Use Interceptor to understand behavior, test hypotheses, compare variants, and produce a clean record of what was observed.

See pricing