ProxyHawk is a powerful debugging tool. With that power comes responsibility: you are deliberately placing a trusted MITM on your machine or devices.
This is the same category of risk as other desktop MITM debuggers (e.g. Proxyman, Charles). The product does not remove TLS cryptography on the public internet—it terminates TLS locally when you opt in via CA trust and SSL lists.
Generate one CA per machine or team policy; do not copy a trusted CA profile to untrusted devices. Revoke / delete trust when debugging ends. If you suspect exposure, regenerate the CA in ProxyHawk and re‑install trust everywhere you need it.
Captured traffic can include passwords, OAuth tokens, cookies, PII, and proprietary APIs. Treat the ProxyHawk window like a password manager screen:
The app is built so capture and display happen on your Mac. Core capture does not require uploading HTTP content to a vendor cloud. Verify this for your specific build, and check any optional analytics or crash reporting in Settings or your distribution channel.
macOS integration may use a privileged helper and Login Items approval for automatic proxy toggles. Only enable what you need; review Apple’s prompts carefully.
Only intercept traffic you are authorized to inspect (your apps, your QA environments, or with explicit consent). Intercepting third‑party users’ production traffic without consent may violate law and policy.