Hacker News new | comments | show | ask | jobs | submit login
Show HN: Intercept.rest – Faster API debugging
89 points by saleeh 25 days ago | hide | past | web | favorite | 57 comments
Sharing an internal tool that accelerated my development work 10-fold, especially with API debugging. Thought fellow developers here might find it useful.

As a developer, I often have trouble reproducing errors at the client end. https://intercept.rest lets me debug and monitor API requests and responses. It is similar to the Network tab in Chrome Developer Tools but works for any API: mobile apps, webhooks, frontend etc.

After I shared it with a close circle of friends, they found it incredibly useful and even found new use cases, I never imagined. Been a long time lurker here and have found several such tools that made my life easier. So, wanted to share this here and keen to hear if you folks find it useful too.

Some of the Use cases (Look forward to other use cases for this tool):

- Reproduce error requests at client side, helps to debug faster. – Easily switch between mock, dev, staging and production – You can even record requests and run load tests to see how your server behaves when 100,000 hit it – debug/monitor webhooks. – Share requests with the backend team for debugging.

If you would like to take it for spin, DM me at https://twitter.com/intercept_rest , I can hook you up with credits.

Also made a blog post on how this tool could be used to monitor network requests in real time. https://medium.com/intercept-rest/how-to-monitor-network-req...

Let me know what you think :) Happy Developing!

How does this compare to tools like Charles and BurpSuite?

I've used Charles extensively in the past for this sort of testing, and particularly on mobile apps (it's not clear if/how mobile apps are supported with this).

Edit: Ah, "Now you just need to replace the original endpoint with interceptor’s URL inside the app." – so it sounds like this is basically a proxy at the HTTP level in the target app, rather than a network traffic interceptor at the network level on the system.

Just saw the edit, Exactly to your point

So what's the advantage of Intercept, what can it do that tools like Charles can't? Honest question, I expect it can be smarter being at that level, but less generic and unable to intercept apps that haven't been modified as a consequence.

Charles proxy works only for local development as proxy for all your network.

intercept.rest monitor only request sent by your client to your server and it is easier to setup (just change the API endpoint), works both locally and in staging/production etc.

Some use cases are :-

- When you give an app to the client for testing and you wanted to monitor the API calls and its responses for debugging purposes.

- It can also be used to debug webhooks,

- You can also choose to share all the data with your team members without additional setup.

Some feedback:

* How did you measure that your development work was accelerated 10x faster? Or is that just a hyperbole? I think this matters because otherwise you are making claims that are not justified.

* When I visit the website, it autoplays some voice and it put me off immediately.

For us, it saved a lot of time after creating this tool. We are running appmaker.xyz for the last 3 years. And we convert WooCommerce website to the mobile app in minutes.

For us, while user create an app using our platform we have no access to the client-server, It was a hell to debug. We built this tool a couple of weeks back. For us reproducing the error at checkout page will take a while(without tool). (Choose product -> Add to cart -> enter address -> Choose payment gateway).

We build this to overcome all those and in one click we can reproduce that. The beauty is that we can reproduce the same request caused by the client while testing the app.

Surely that is your pitch. But what I am getting at is how you arrived at the particular claim that this tool "accelerated [your] development work 10-fold," and "10 x Faster API debugging" which was the original title. Without justification, you are misleading the potential users and that does not inspire confidence. i.e. why not 5-fold, 8-fold or 100-fold?

Shameless plug: I made an HTTP(S) debugging tool for macOS[0]. Not exactly like what OP does, but if you are looking for a native alternative to Fiddler on macOS, consider giving it a try.

[0] https://proxie.app/

This looks more as a Charles replacement than intercept

You are right. Charles is a great tool and I used it everyday.

However, besides not being native, I really missed the scripting ability that Fiddler has. This is another major motivation for me to build this tool.

There's autoplay sound on your website and absolutely no way of turning it off.

oops. Apologies for that. Fixing that soon.

This looks great! I'm currently in the process of reverse engineering an API from its source. This is perfect for quickly comparing the requests made between the official client and my own implementation.

Thanks for your feedback. I hope this will work for your use case

Happy to see this here :) I've been using it since the invite-only release. Helped us track down a bunch of bugs spot on. Burpsuite was my go-to tool before this, which simply is an overkill for this kind of testing. Intercept.rest makes it super simple and neat.

Thanks for using shitty early version ;) Look forward to continued support in the days to come. Again, we are thankful for the early feedback.

Cool product.

What's your stack?

Is the persisted request/response information encrypted in any way? Any chance of a locally hosted version being available?

What is your growth strategy? Who are your competitors? How long have you been working on this product?

Glad you liked it, All are running on node js server. + react js. We build this for our internal purpose, right now request/response is not encrypted. This is we should have done in first place. (WIP). We have desktop apps which work offline on the local machine. We offer self-hosted in our enterprise plan. You can email me saleeh at intercept.rest.

I'm running a startup appmaker.xyz as fulltime. This is a simple tool that we build for our usecase

I've been using this tool since the invite-only release and find it super useful during development.

It helped in coordination between the backend and mobile app teams and even let us catch some potential bugs in the API.

Good to see this on Show HN!

Glad to see this helped your use-case.

Your Early feedback helped us immensely to improve this tool.

Looks awesome! Quick note about the landing page: the GIF captures in the "How it works" section are a bit vertically stretched, weirdly pixellated and really too quick to understand what's going on.

Thanks for pointing out. Will update the GIFs soon.

Just a couple of small things I noticed:

- There's a typo on the sign up - it says "Sing Up to Get Started"

- There does not seem to be any forgot/reset password functionality

Haha. Just fixed the typo.

We are super early. And Build as an internal tool to get feedback. We are sure to move fast and work on the suggestion you mentioned.

The animations on the home page are way too fast, and with such tiny text, that I can't figure out what they're doing.

Thanks for the feedback, We are working on it, Here is a simple video on how it works https://www.youtube.com/watch?v=wVIE_yeViNo

Can I use it as a transparent proxy with SSL certificate support like Charles?

This is a proxy at the HTTP level. So you can proxy and view request/response for HTTPS requests without configuring any certificates

Can you explain what this means?

This acts as a proxy server for any API. All the request capture by intercept and it'll capture the response from the original endpoint and reply back

This is the same for HTTPS traffic? You can view the content of requests without installing a cert?

Yup, this works both HTTP and HTTPS without any certs.

Hope this helps


I would really appreciate if you could give us some honest feedback. or any suggestion


I've used mitmproxy in the past for debugging purposes but there was always a stipulation that one must install a cert on the machine in order to intercept HTTPS traffic. If intercept.rest can accomplish the same thing without the need to install a cert I could see this being very useful.

Yes, this can work without certificate installation and you don't have to do anything in client side. Only need to change the endpoint URL

will this do what ngrok does as well ?

Right now, It doesn't support that feature, Its in out TODO list after getting feedback from users

hawksy 25 days ago [flagged]

Looks interesting. More useful for beta testing looks like

Please see https://news.ycombinator.com/item?id=18078660. Promotional comments aren't good here.

Yea exactly. a couple of our early adopters are using for the same. Which helps them easily monitor all the network request happening for their beta users

this looks great! how do you guys compare with requestbin?

That's great. Request bin is a great tool for capturing requests while testing the webhook.

Our tool is similar to that. But our tool will monitor and forward requests to the original URL and reply the response (a proxy for your API with monitoring ). So your endpoint will work as expected and you can monitor that for debugging purposes.

one use case is that when any client reports any bugs regarding API/network requests, you can easily reproduce that without getting any inputs from the user.

Please see https://news.ycombinator.com/item?id=18078660. Promotional comments aren't good here.

Is there an extreme amount of astro-turfing going on in this thread? I looked at the profiles of 3 of the most fervent supporters of this tool (comments by livin21, shyjal, and g0vz) and the accounts had only 1 other comment among all 3 over the course of years. Is this tool really that amazing that several lurkers have come from the shadows after years of silence to pledge their allegiance? Those were literally the ONLY 3 I looked at as well.

The OP seems to have asked early users to vote and comment in the mistaken idea that this would help the post do better on HN, when in fact it's the fast track to getting flagged and penalized. Doing this is against HN's rules, of course. We want people to vote and comment because they ran across something and found it intellectually interesting, not because they or a friend has something to promote.

We have software to detect such violations. In addition, seasoned HN users figure out what's going on and react quite aversely, as you demonstrated. Once such a ring has been identified, if the story is still on the front page, users will flag it (as happened here) or moderators will penalize it. Plus we often ban the accounts and site involved.

This case seems to have been at least in part an honest mistake. More importantly, the tool seems to be of some interest to the community. Because the most important thing on HN is to have interesting things to discuss, I'm going to reduce the penalty on this post and let the discussion continue.

I hope everyone realizes that this is a rare outcome. The more common outcome is that we ban the accounts and sites involved. So please don't do this!

:D I am not active on HN. But was using this tool since its development phase and was in a constant feedback loop with the devs. Classifying some HN noob's positive comment on a tool he used as astroturfing is kinda discouraging :)

This sparked my curiosity.

Is this your github https://github.com/Livin21 ? I see this person is from Cochin, India [1]. I then see the facebook page linked to on your website [2] mentions your founder [3] who happens to be from Kochi [4] which is the same city [5].

This is quite odd, no?

[1] https://imgur.com/a/tBCmKGY

[2] https://imgur.com/a/RZgKg9Y

[3] https://imgur.com/a/fbMnrrh

[4] https://imgur.com/a/9sn4LSs

[5] https://en.wikipedia.org/wiki/Kochi

I don't find it necessarily odd that one of the early users is from the same city as the company that created the app.

Sometimes, when I've worked on a small tool I want to share with others, I've found that telling people about it at local meetups is the easiest and quickest way to get people to try it out.

Maybe something similar happening here?

Or they just happen to work in the same building, or same coworking space, etc.

This is what exactly happened.

"growth hacking"

Understood your concern. These were our early users and being giving us feedback till now.

shyjal 25 days ago [flagged]

This is exactly what I was looking for. Thanks for building this..

Please see https://news.ycombinator.com/item?id=18078660. Promotional comments aren't good here.

Glad you liked it, Thanks for checking out

g0vz 25 days ago [flagged]

It's time to ditch Charles proxy and start using intercept. The configuration looks easy and simple when compared with Charles.

Thanks for creating an awesome tool.

Please see https://news.ycombinator.com/item?id=18078660. Promotional comments aren't good here.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact