ProxyHawk Download for Mac

Getting started

ProxyHawk guides you through setup with an in-app onboarding checklist. Choose your device type and follow the steps — most actions happen automatically inside the app. No Settings screen. No manual proxy entries.

On this page

The onboarding flow

When you first open ProxyHawk, the onboarding panel appears automatically. It has two screens:

  1. "Where does your app run?" — choose one of:
    • iOS Simulator
    • iOS Physical Device
    • Android Emulator
    • Android (physical)
    • Browser / Desktop
  2. Checklist for your chosen device — a short list of tappable steps. Most complete automatically; the app detects when each step is done and checks it off for you.
You can re-open onboarding any time. Use the toolbar or menu to get back to it if you skipped a step or set up a new device.

iOS Simulator

Fastest setup. The certificate installs automatically — no manual steps on the Simulator required.

Steps (all automatic or one-click):

  1. Select iOS Simulator in the onboarding picker.
  2. ProxyHawk starts the proxy automatically.
  3. Click Install certificate in the checklist. ProxyHawk installs the CA into the booted Simulator's trust store for you — no manual certificate export needed.
  4. The app detects the Simulator's certificate status and checks the step off automatically.
  5. Open your app in Simulator — traffic appears in the list immediately.
  6. Use Track a host (see below) to pin and enable HTTPS decryption for a specific API.

Physical iPhone — one-time setup

Set up once. Never repeat. After this one-time process, ProxyHawk captures your iPhone's traffic automatically whenever the app is running. No Wi-Fi proxy settings to change per session. No IP addresses to remember.

ProxyHawk uses a QR code + profile install system. Here's how it works:

  1. Select iOS Physical Device in the onboarding picker.
  2. Make sure your iPhone is on the same Wi-Fi network as your Mac.
  3. Click Install certificate in the checklist. A QR code appears in the in-app guide.
  4. Scan the QR code with your iPhone camera. It links to a .mobileconfig profile served directly by ProxyHawk.
    • Optional: before scanning, enable "Include Wi-Fi + HTTP proxy in profile" to embed the proxy settings into the profile. When this is on, iOS routes traffic through ProxyHawk automatically whenever the Mac app is running — you never need to touch Wi-Fi settings.
  5. On iPhone: tap the notification or go to Settings → General → VPN & Device Management, tap the profile, and tap Install.
  6. On iPhone: go to Settings → General → About → Certificate Trust Settings and enable full trust for Proxy Hawk CA.
  7. That's it. These steps are permanent for this device and never need to be repeated.
QR not working? In the same in-app guide, you can tap Copy Link to open the profile URL directly in Safari on your iPhone, or use AirDrop to iPhone as a fallback.
New phone? Repeat steps 1–6 on the new device. That's the only time it needs to be done again.

Android Emulator

Fully automatic. ProxyHawk configures the Android emulator's proxy and pushes the CA certificate without any manual steps.
  1. Select Android Emulator in the onboarding picker and start your AVD in Android Studio.
  2. Click Install certificate. ProxyHawk automatically sets the emulator proxy to 10.0.2.2:9090 and installs the CA into the emulator's system trust store.
  3. The app detects the installed certificate and checks the step off automatically.
  4. Traffic from the emulator appears in the list. Use Track a host to pin and decrypt a specific API.

Physical Android device

  1. Select Android (physical) in the onboarding picker.
  2. Click Install certificate. Export the CA as a .cer (DER) file and send it to your device via AirDrop, email, or USB.
  3. On your Android device: install the CA via Settings → Security → Install from storage.
  4. Configure the Wi-Fi proxy on your device: Settings → Wi-Fi → long-press your network → Modify → Advanced → Proxy → Manual. Enter your Mac's IP address and port 9090.
  5. For Android 7+ (API 24+): apps targeting the new network security config require a debug build with a network_security_config.xml entry to trust user-added CAs.

Browser & desktop apps

  1. Select Browser / Desktop in the onboarding picker.
  2. Click Install certificate. ProxyHawk attempts to install the Proxy Hawk CA into your macOS Keychain automatically with one click. Enter your password if macOS asks.
  3. Click Enable system proxy. ProxyHawk sets the macOS system HTTP/HTTPS proxy to 127.0.0.1:9090 — Safari, Chrome, and other system-proxy-aware apps route through ProxyHawk immediately.
  4. Both steps auto-detect completion and check themselves off.
Remember to disable the system proxy when you're done debugging. ProxyHawk can toggle it off from the same menu, or use System Settings → Wi-Fi → Details → Proxies.

Track a host

After traffic starts flowing, the onboarding checklist shows a "Track a host" section for iOS and Android flows. This is how you pin a specific API host and enable HTTPS decryption for it in one step:

  1. With the onboarding panel open beside the traffic list, launch your app on the device so traffic starts appearing.
  2. Tap any traffic row for the API you want to debug. Its hostname appears in the Track panel.
  3. Click Track. ProxyHawk pins the host and enables SSL decryption for it simultaneously. A green "Tracked ✓" badge confirms it's done.
Tip: You can open the onboarding panel beside the traffic list by dragging the panel to the side. This lets you see live traffic and complete setup at the same time.

Next steps

  1. SSL & certificates — learn about SSL proxying modes, certificate pinning, and removing the CA when done.
  2. Traffic & filters — pin hosts, filter by type, copy as cURL, and export Postman collections.
  3. API Client — replay and edit captured requests, export Postman collections with environments.