Overview
fluxzy is a versatile HTTP intermediate and Man-In-The-Middle proxy for recording, analyzing, debugging, and altering HTTP/1.1, H2, WebSocket traffic over plain or secure channels.
fluxzy was build to produce precise performance indicators for various observability scenarios. To this end, and unlike most MITM tool, fluxzy provides full request/response streaming in every stage of the HTTP exchange including built-in active alteration actions.
You can use it as:
- A desktop application, named Fluxzy Desktop available on Windows, macOS and linux.
- A command line tool, named Fluxzy CLI (command
fluxzy), for starting a new capture session, managing certificates, reading a fluxzy archive and directory and exporting fluxzy outputs to other formats. - .NET package named Fluxzy.Core available on nuget.org. You can find this project on Github.
Download & Install
Visit the download page page to get the latest stable for your platform.
Features
Core Features
Find below a non-exhaustive list of Fluxzy capabilities and features shared across all Fluxzy products:
| Feature | Desktop | CLI | Core | Comment |
|---|---|---|---|---|
| Supports HTTP/1.1, HTTP/2, and Web Sockets | ||||
| Inspects traffic in clear | ||||
| Deflects OS traffic to Fluxzy Act as system proxy |
||||
| Automatic ROOT CA installation | ||||
| Use a custom root certificate | ||||
| Save and load captured HTTP exchanges | ||||
| Save and load filters and actions | ||||
| Replay captured HTTP exchanges | ||||
| Run and hook browsers and terminals | ||||
| Breakpoints | ||||
| Live edit Halt ongoing exchanges and edit requests and responses on the fly |
||||
| Export and import HAR files | ||||
| Export and import SAZ files (experimental) | ||||
| Export exchange to cURL command for Bash and cmd | ||||
| Codeless traffic alteration | ||||
| Dual SSL engine Choice between the OS default engine (SChannel for Windows, OpenSSL for Linux) |
||||
| Capture raw network packets | Needs elevation | |||
| Capture NSS Key logs with raw network packets | Available when using Bouncy castle engine | |||
| Store NSS Keys with SSLKEYLOGFILE format | Available when using Bouncy castle engine | |||
| Custom filter builder, including multiple filter combinations | ||||
| Metadata support: comments and tags | ||||
| Precise traffic measurements including transport-level timings | ||||
| Multipart data viewer: retrieve an upload file in the exchange |
Traffic Processing Features
Traffic Processing features are handled by filters and action directives.
You can use the search engine built on this page to list all available filters and actions on the latest stable version.
- Add, remove, modify request and response headers
- Change request method, path
- Alter request and response body
- Mock request body (file, immediate text, ..)
- Mock response body (file, immediate text, ..)
- Forward requests
- Search in every part of request
- Spoof DNS
- Add client certificate (mutual TLS)
- Force HTTP version
- Force SSL/TLS version
- Simulate failures
- Extract variables from exchanges and reuse them
- Write to stdout and to file on the fly