Go CLI
Wrap a command and inspect its HTTP or HTTPS requests in real time. No browser, GUI, or system proxy setup.
Host: api.github.com · Accept: */*
Content-Type: application/json · 245ms
{"login":"octocat","id":583231,...} A look inside
httpmon starts a local proxy for one subprocess, injects the needed proxy and CA settings, then removes everything when that command exits.
Capture path
httpmon puts inspection around an existing command. The command still receives its normal response stream; httpmon shows the traffic beside it.
Run `httpmon` before curl, aws, Python, Node, or another proxy-aware command.
It supplies the local proxy address and an ephemeral CA through the child process environment.
Read request and response headers, decoded body previews, status, and timing in real time.
Write NDJSON, HAR, or a recording when the session needs to be replayed or shared.
Fit
You need to see what curl, AWS CLI, Python, Node, or another command actually sends and receives over the network.
It is not a system-wide proxy, a browser DevTools replacement, or a production interception service. It runs locally for one command.
Traffic is forwarded to the wrapped process unchanged. Compressed responses are decoded only for the displayed preview.
Automation
Injects proxy and CA settings for curl, AWS CLI, Python requests, Node, and standard proxy-aware tools without changing system configuration.
A temporary CA and per-host certificates make request and response headers plus decoded gzip or deflate previews visible in the terminal.
Use the full-screen TUI for live sessions, or filter by a URL substring to focus on the traffic that matters.
Stream NDJSON, export HAR 1.2, or record complete request/response pairs for replay and environment comparisons.
`--format json` emits correlated request and response objects for jq, log pipelines, or another tool.
`--har` writes captured traffic for import into Chrome DevTools, Postman, Charles, and other HAR-aware tools.
`--record` preserves request/response pairs; `--replay` reissues them and compares the new result.
`wss://` upgrade handshakes are logged, then frames are spliced between client and upstream without buffering.
Details
When a CLI call fails, the useful evidence is often in the request that was sent and the response that came back. Reproducing that in a browser or reconfiguring a global proxy breaks the debugging flow.
httpmon is deliberately narrow: wrap one command, observe its traffic, save the session when needed, and leave no system proxy behind.
Flow
Prefix an existing command, for example `httpmon curl https://api.github.com` or `httpmon aws s3 ls`.
Add `--filter /api` for a focused text stream, or use `--ui` to inspect requests and responses interactively.
Choose `--format json`, `--record traffic.ndjson`, or `--har session.har` when terminal output alone is not enough.
Replay a recording against the original target or another environment to compare status and response bodies.
Examples
`httpmon curl https://api.github.com/users/octocat` shows the request, response, headers, and decoded body preview.
`httpmon --filter s3 aws s3 sync ./dist s3://my-bucket/` keeps the terminal focused on S3 traffic.
Record a production-safe request sequence, then replay it against staging with `--replay-target`.
Compatibility
httpmon configures common clients directly and provides standard proxy environment variables for other proxy-aware command-line tools.
FAQ
No. Proxy and CA settings are passed only to the wrapped subprocess. The temporary materials are cleaned up when that command exits.
gzip and deflate bodies are decompressed for the terminal preview. The original compressed stream continues to the wrapped command unchanged.
No. httpmon is a local development and debugging tool. Only inspect traffic you own or are authorized to inspect.