Live HTTPS inspection
See every request and response your app makes, decrypted in real time — iOS Simulator, iPhone, Android, and Mac apps in one list.
New · API Guard · Native Mac app · Zero cloud · Free to try
Be the first to know
when the backend
breaks your app.
One-time iPhone setup
Postman export + environments
Share sessions with team
The field was there yesterday. Today it's gone. Your users noticed first — not anymore. API Guard catches every change with a visual diff and a Slack alert.
macOS 13+ No account needed Traffic stays on your Mac
NEW API Guard
Backend broke your API?
Know before your users do.
API Guard silently watches every response and learns what "normal" looks like for each endpoint. The moment a required field disappears, a type changes, or array items are missing, you get a BREAK badge — no test suite, no deploy hook, no extra setup.
- Detects removed fields, type changes & array element regressions
- Side-by-side visual diff of stable vs. broken response
- Slack & email alert fires automatically — team knows before users report bugs
- Works on any API — REST, GraphQL, internal services, third-party
-
Hint when a field was likely renamed (e.g. "Was
user_idrenamed touserId?")
Core feature · Zero configuration
Capture HTTPS traffic in
One click
1-click start
One-time iPhone setup
Postman export + environments
Share sessions with team
See every request and response your app makes, decrypted, the moment it happens. iOS Simulator, physical iPhone (one-time setup), Android emulator, and Mac apps all captured in the same list. No configuration per session.
Your mock server
Backend not ready? Map Local has you covered.
Map matching traffic to files on your Mac—JSON, HTML, whatever you need. No process to run. No deploy. How Map Local works →
Intercept & edit
Breakpoints
Pause traffic when it matches your rules. Inspect or rewrite headers and body on the wire, then Execute or continue—full control before the exchange completes.
Why developers switch
Less friction. More debugging.
Every decision in ProxyHawk was made to remove a pain point other tools take for granted.
Proxyman & Charles
ProxyHawk
iPhone setup
Enter Mac's IP on your iPhone — every session. Forget to turn it off and your phone loses internet.
Install the cert once. Tap Capture. Traffic flows automatically, forever.
Postman export
Flat request list only — you rebuild base URLs, environments, and auth tokens yourself.
Full collections with environments pre-filled from real traffic. Import and run.
Team sharing
Export a HAR file, email it, and hope your teammate has the right tool to open it.
One click → shareable link. Opens in any browser. No app, no account needed.
API break detection
Not available — you find out when users report a bug or tests fail in CI.
API Guard catches missing fields & type changes the moment they appear in traffic. BREAK badge, visual diff, Slack alert — zero setup.
Free tier
Paid license required to use core features.
Capture, inspect, and export — free, no time limit.
Inside the app
API Client
Open captured requests, edit headers and body, import cURL, and hit Send in the same app. Export traffic as Postman collections with environment variables—base URLs, auth tokens, and custom vars pre-filled, ready to share with your team. Fewer context switches means faster debugging.
Everything in the box
API Client + replay
Open captured calls, edit headers and body, and resend right away — no context switch to Postman or Insomnia needed.
Postman export with environments
Base URLs, auth tokens, and variables extracted from real traffic and pre-filled. Import and run — no manual setup.
Breakpoints
Pause any request or response mid-flight, inspect it, rewrite headers and body on the wire, then continue.
Map Local, mocks & block rules
Redirect calls to local files, return mock responses, or drop requests entirely — predictable tests without a staging environment.
New
OpenAPI spec generator
Capture production traffic and export a ready-to-use OpenAPI 3 spec — stop writing docs by hand.
Network throttling & scripting
Simulate slow connections and automate request/response rewrites with scripts — catch edge cases before release.
FAQ
Short answers; details live in the docs.
What is API Guard and how does it work?
API Guard automatically monitors every API response and learns what "normal" looks like for each endpoint. The first time an endpoint responds, ProxyHawk records its structure as the baseline. Every subsequent response is compared against that baseline — if a required field disappears, a type changes, or array elements are missing fields that were always present, you get a BREAK badge in your traffic list immediately. Clicking it opens a side-by-side visual diff showing exactly what changed vs. the last stable response, a hint when a field was likely renamed (e.g. "Was user_id renamed to userId?"), and optionally fires a Slack or email alert to your team. No test suite, no deploy hook, no configuration — it works on any API you capture.
Is ProxyHawk an alternative to Charles Proxy or Proxyman?
Yes—and for physical iOS devices, it's significantly easier. Same kind of tool: local HTTPS capture, SSL decrypt, traffic list, and export. ProxyHawk adds a one-time iPhone setup (no manual Wi-Fi proxy every session), built-in Postman collection export, and a native Mac-first design that's faster and lighter. If you're tired of re-entering IP addresses or switching between apps, ProxyHawk was built to fix exactly that.
Do I need to configure Wi-Fi proxy settings on my iPhone every time?
No—that's one of ProxyHawk's biggest advantages. After a one-time certificate installation on your device, ProxyHawk handles the connection automatically. There's no IP address to enter, no Wi-Fi proxy to toggle on and off, and no risk of forgetting to disable it. Other tools require this manual dance every session; ProxyHawk doesn't.
Can I export captured requests to Postman?
Yes — and it goes further than other tools. ProxyHawk exports a proper Postman collection with environment variables already generated: base URLs become {{baseUrl}}, auth tokens become {{authToken}}, and custom variables are extracted from real captured traffic. Other proxy tools that offer Postman export give you a flat list of requests — you still have to build environments yourself. See the API Client docs for details.
Do I still need Postman or Insomnia?
Often no for solo debugging—collections and Send are in-app. Teams with collaboration in another client can still export cURL or Postman collections. See API Client.
Is shared session data private?
Yes — and you control what's included. When you share a session, ProxyHawk strips Authorization headers, cookies, and tokens client-side before anything is uploaded. The resulting snapshot contains only sanitized request/response data. Links auto-expire after 7 days and are unguessable. Sharing is opt-in — nothing is ever sent anywhere without you clicking Generate Link.
Where does traffic data go?
Designed to stay on your Mac. Check your build for optional analytics or crash reporting in Security & privacy.
What about certificate pinning?
Pinning blocks MITM by design—you need debug builds or test hooks, same as any proxy debugger. See limitations.
Set up once. Debug faster. Ship with confidence.
Capture traffic in one click, catch API breaks before your users do, share sessions with your team in seconds — and never configure a Wi-Fi proxy on your iPhone again.
macOS 13 or later · Free to try · Pro from $7/month · See pricing →