v0.1.0 is now live

The proxy that understandsinterceptsanalyzesdebugssecures your traffic

Intercept HTTP/HTTPS. Ask questions in plain English. Get test scenarios, automation code, and security findings — automatically.

Download for macOS See what it does Documentation
$ curl -fsSL https://ghost.internal/install.sh | bash
Built for scale
50+
API Endpoints
3
LLM Providers
<50ms
Proxy Overhead
0
Dependencies*

*Single binary. Pure Go. No CGo. No Docker.

The Problem

You intercept traffic but still can't find the bug

You open Charles or Fiddler, scroll through hundreds of requests, copy URLs into Postman, and still spend hours understanding what the app actually did.

  • Hundreds of raw requests with no context
  • Copy-pasting between proxy, Postman, and Jira
  • No way to correlate UI actions with API calls
  • Writing test scenarios manually from scratch
  • Security checks are a separate, manual process
  • Mobile device setup takes hours of Googling
The Solution

One proxy. AI that reads your traffic. Zero friction.

Ghost intercepts traffic, understands it with AI, and produces what you actually need — test scenarios, automation code, bug reports, security findings.

  • AI agent — ask questions about your traffic in plain English
  • Auto test scenarios — generated from real traffic patterns
  • Security scanning — OWASP checks running alongside your tests
  • Mobile inspector — connect iOS/Android in one click
  • Bug reports — complete with timeline, screenshots, and repro steps
  • Single binary — install, run, intercept. No Docker, no config files
Capabilities

Not just a proxy.
A traffic intelligence platform.

Every feature designed for QA engineers who need answers, not raw data.

HTTPS Interception

Transparent MITM proxy with automatic CA trust. uTLS Chrome fingerprinting. HTTP/2 upstream. Streaming responses. OCSP stapling.

api.hepsiburada.com TLS 1.3 H2 Chrome 131
cdn.hepsiburada.com TLS 1.3 H2 Chrome 131
auth.hepsiburada.com TLS 1.3 H2 OCSP OK
images.hepsiburada.com TLS 1.2 H2 Chrome 131

Mobile Inspector

iOS Simulators, Android emulators. Element trees, selectors, screenshots.

iPhone 15 Pro Sim
XPath //SearchField[@name]
UIWindow
NavBar
Search
Table
Cell
Cell

Map & Injection Rules

Rewrite URLs, modify headers, inject custom responses. Regex-powered, per-session.

/api/v1/products
/mock/products.json
X-Auth: Bearer ***
X-Auth: test-token

Breakpoints

Pause requests mid-flight. Edit headers, body, status. Resume or drop.

POST /api/v1/checkout ▶ Resume
Content-Typeapplication/json
AuthorizationBearer eyJhb...

Security Mode

Switch personas. The AI thinks differently in each mode. Real-time security interceptor detects sensitive data, auth issues, and injection vectors.

HIGH Authorization token in URL query parameter GET /api/v1/user?token=eyJ...
HIGH Sensitive PII in response without encryption GET /api/v1/user/profile
MED Missing HSTS header on authentication endpoint POST /api/v1/auth/login
LOW Server version disclosed in response headers X-Powered-By: Express

Sessions & Compare

Named sessions. Side-by-side comparison. Export to JSON, CSV, HAR, Postman.

Baseline
After Deploy

Addons (JavaScript)

Sandboxed JS engine. Custom transforms, auto-tagging, hot-reload.

function onRequest(flow) { if (flow.host === "api.prod") { flow.headers["X-Debug"] = "true" flow.tag("debug") } }

Browser Extension

Captures clicks, inputs, navigation. Links DOM actions to network flows.

click  .btn-add-to-cart
input  #search-field → "iphone 15"
navigate  /product/12345
submit  form#checkout
Workflow

Capture. Understand. Act.

Three steps from raw traffic to actionable intelligence.

1

Intercept

Start Ghost and browse normally. Every HTTP/HTTPS request flows through the proxy — decrypted, timestamped, and indexed in real-time.

2

Ask

Select any flow and ask the AI agent: "Generate test cases", "Find security issues", "Write an Appium script", or anything else. It sees the full request context.

3

Ship

Copy the generated code, export the Postman collection, file the bug report with annotated screenshots. From traffic to deliverable in seconds.

AI Agent

Your traffic, explained.

Multi-provider AI with full traffic context. Not a chatbot — a domain expert.

20+ specialized tools

The agent doesn't just chat — it can inspect flows, search traffic patterns, generate test code, create mock servers, and produce API documentation. All from natural language.

  • Analyze traffic patterns and detect anomalies
  • Generate Appium, Espresso, XCUITest, and Maestro scripts
  • Create Postman collections and mock servers
  • File bug reports with annotated screenshots
  • Tap and interact with mobile devices via AI
  • Security analysis with OWASP-aware findings
Ghost AI — QA Mode
You
Generate a Maestro test for the checkout flow I just captured
✨ Ghost
I analyzed 12 flows in your checkout session. Here's a Maestro test covering the happy path:
appId: com.hepsiburada.app --- # Login - launchApp - tapOn: "Sign In" - inputText: "test@hb.com" # Search + Add to Cart - tapOn: "Search" - inputText: "iphone\n" - tapOn: "Add to Cart" # Checkout - tapOn: "Proceed" - assertVisible: "Order Summary"
Architecture

Single binary. No compromises.

Pure Go backend, React frontend, Tauri desktop shell. Nothing to install, nothing to configure.

🐝

Go Sidecar

Pure Go, zero CGo. Single binary with embedded frontend. SQLite with FTS5 search.

React + Vite

TypeScript, Tailwind, Zustand. Real-time WebSocket updates. Both dark and light themes.

💻

Tauri v2

Native macOS app. Apple Silicon optimized. Auto-updates with signature verification.

🤖

Multi-LLM

Anthropic, OpenAI, Ollama. Bring your own key or run fully local. No vendor lock-in.

Stop reading logs.
Start understanding traffic.

One command. Under a minute. Your traffic finally makes sense.

Download for macOS View Documentation
$ curl -fsSL https://ghost.internal/install.sh | bash