Download
Get the App
Setup guide

From install to first
capture in 60 seconds

Trust one certificate, flip on capture, and you're inspecting live HTTPS traffic. Follow the steps for your device below — every step is illustrated.

Download Moni Proxy Start the setup ↓
STEP 1

Install & trust the certificate

A one-time, on-device certificate lets the app read HTTPS content.

STEP 2

Turn on capture

Open the Proxy tab and toggle capture — requests appear instantly.

STEP 3

Inspect, mock & replay

Tap any request to read it, mock it, or resend it. That's it.

Step 1 · One-time setup

Trust the certificate

To let Moni Proxy show the content of HTTPS requests, you install a certificate that is generated on your own device and never leaves it. Pick your platform:

1

Download the profile

In the Moni Proxy app onboarding, tap Download CA Profile. Safari will save a configuration profile to your device.

2

Open Settings

Open the iOS Settings app — a Profile Downloaded banner appears near the top. Tap it.

3

Install the profile

Tap Install in the top-right, enter your passcode, and confirm.

4

Open Certificate Trust Settings

Go to Settings → General → About, scroll to the bottom, and tap Certificate Trust Settings.

5

Enable full trust

Switch the toggle next to Moni Proxy Root CA to ON and confirm. You're done.

Moni Proxy Root CA
Settings → General → About → Certificate Trust Settings
1

Download the certificate

In the app, tap Download CA Certificate. A .crt file is saved to your Downloads folder.

2

Open security credentials

Go to Settings → Security & privacy → More security settings → Encryption & credentials → Install a certificate → CA certificate.

3

Import & confirm

Tap Install anyway on the warning, pick the Moni Proxy .crt file, and authenticate with your PIN or fingerprint.

1

Export the certificate

In the desktop app, open Settings → HTTPS and click Export Root CA Certificate to save moni-ca.pem.

2

Install it to the system store

macOS: double-click the file to add it to Keychain Access.
Windows: right-click → Install Certificate → Local Machine → Trusted Root Certification Authorities.

3

Set it to “Always Trust”

macOS: in Keychain Access open Moni Proxy Root CA → Trust → Always Trust.
Linux / Firefox: import it under the browser's Authorities and check “Trust this CA to identify websites”.

The certificate is generated locally and its private key never leaves your device — no one else can use it to read your traffic. You can remove it anytime in your OS settings.
Step 2 · Go live

Capture your first request

With the certificate trusted, capturing is a single switch. Watch traffic appear the moment your apps make a request.

  1. Open the Proxy tab and toggle Start capture on.
  2. Use any app on your device — the Traffic feed fills with live requests showing method, status, host, timing, and size.
  3. Use the search bar or filter chips to narrow by host, method, or status. Group by domain to scan quickly.
  4. Tap any request to open the Inspector (Overview · Headers · Body · Raw) and read the decoded content.
Traffic feedCapturing
200GET api.github.com/users/anhvq2545 ms
201POST moniproxy.com/v1/event110 ms
304GET coingecko.com/api/v3/global59 ms
403GET producthunt.com/manifest.json38 ms
Rules · Map Local

Mock a response

Return any response you want for a matching URL — no backend required. Perfect for testing error states and edge cases.

  1. In the Traffic feed, tap a request (e.g. /v1/users/me).
  2. In the Inspector, tap Save as Mock — the Map Local editor opens with the path pre-filled.
  3. Pick a status code (e.g. 200 or 500) and add any response headers.
  4. Edit the JSON body to whatever you need, then tap Save Rule.
  5. Enable the rule's toggle. Matching requests now return your mock instantly.
Map Local · */v1/users/me200
{
  "id": 42,
  "name": "Test User",
  "role": "admin",
  "isActive": true
}
Rules · Scripting (Pro)

Write a script

For full control, write a JavaScript interceptor. Hook onRequest and onResponse to transform anything on the fly — it all runs on-device.

  1. Open the Rules tab and choose Scripting.
  2. Set a URL match pattern for which requests your script should run on.
  3. Implement onRequest and/or onResponse and save.
interceptor.jsJS
function onResponse(req, res) {
  if (res.status === 200) {
    let body = JSON.parse(res.body);
    body.user.role = "admin";
    res.body = JSON.stringify(body);
  }
  return res;
}
Remote pairing

Pair with desktop

Stream your phone's traffic to the desktop for a roomier view. Both devices just need to be on the same Wi-Fi.

  1. In the desktop app, click Pair Mobile Device — a QR code appears.
  2. In the mobile app, tap the Scan QR icon in the Traffic feed.
  3. Point your camera at the QR code (or type the host:port shown).
  4. Toggle Forward traffic on — your phone's requests now stream live to the desktop, where you can inspect, mock, and rewrite them.
● Ready to pair
Scan from the mobile app, or type:
192.168.1.24:9099
Pairing runs entirely over your local network — there's no cloud relay. Learn more on the Remote Pairing page.

Ready to see your traffic?

Install Moni Proxy, trust the certificate, and you'll be inspecting live HTTPS in under a minute.

Download for iOS & Android Explore all features