The collaborative MITM proxy for security testers.
Capture HTTP traffic, annotate requests with AI, run hunt sessions, replay traffic, and track findings from one interface.
Quick start · Features · Screenshots · Configuration · Security · Contributing
git clone https://github.com/synlace/ferret.git
cd ferret
cp .env.example .env # optional
just upOr use Docker Compose directly:
docker compose up --build -d| Service | URL |
|---|---|
| UI | http://localhost:3000 |
| API | http://localhost:8000 |
| Proxy | 127.0.0.1:1337 |
Open:
http://localhost:3000
The first-run setup wizard will ask you to set a password and choose an AI provider.
- Docker
- Docker Compose
just
Ferret is an AI-assisted HTTP interception proxy built for security testers.
Point your browser, CLI tool, or testing workflow at:
127.0.0.1:1337
Ferret captures requests and responses, stores them locally, annotates traffic with AI, and gives you tools to replay, modify, test, and turn interesting behaviour into findings.
It is designed for workflows where you want more than a passive proxy: you want something that helps you think, test, and document as you go.
| Feature | Description |
|---|---|
| Intercepting proxy | Capture HTTP and HTTPS traffic through mitmproxy. |
| Request history | Browse, filter, inspect, and replay captured traffic. |
| AI annotations | Enrich requests with security-relevant context. |
| Hunts | Run AI-assisted hunt sessions across captured traffic. |
| Findings | Track vulnerabilities with severity, host, type, evidence, and status. |
| Snare | Intercept and modify requests or responses in-flight. |
| Gnaw | Repeater-style tabs for editing and resending HTTP requests. |
| Workspaces | Per-session scripts/, tests/, and notes/ directories. |
| Projects | Separate request history, findings, workspaces, and API keys. |
| Authentication | Password login, session cookies, optional API key access, and TOTP 2FA. |
| Local-first storage | SQLite-backed data stored in a local bind-mounted directory. |
Hunts - AI-assisted hunt sessions that search request history, write and run tests, and create findings.
History - A full proxied request log with AI annotations, timings, status codes, and inline request/response editors.
Findings - A vulnerability tracker with severity, host, type, AI-generated descriptions, and evidence snippets.
Settings - Manage the CA certificate, password, 2FA, AI provider, API keys, and proxy status.
Setup wizard - First-run setup for password creation and AI provider configuration.
Configure your browser, CLI tool, or test client to use:
HTTP proxy: 127.0.0.1:1337
HTTPS proxy: 127.0.0.1:1337
For HTTPS interception, download and install the mitmproxy CA certificate from the Settings page.
Ferret requires authentication on every install.
- Open the UI for the first time.
- Set a password in the setup wizard.
- Complete AI provider setup.
- Log in at
/login. - Ferret issues a 24-hour
HttpOnlySameSite=Strictsession cookie.
TOTP-based 2FA can be enabled from the Settings page.
Once enabled, a valid authenticator code is required at login.
Set a static API key in .env:
FERRET_API_KEY=your-random-secretThen use it as a Bearer token:
curl -H "Authorization: Bearer your-random-secret" \
http://localhost:8000/api/requestsSession cookies and Bearer tokens are checked independently.
Copy .env.example to .env to preconfigure Ferret.
Most AI provider settings can also be configured from the setup wizard.
| Variable | Default | Description |
|---|---|---|
FERRET_API_KEY |
- | Static Bearer token for programmatic API access |
OPENROUTER_MODEL |
google/gemini-3-flash-preview |
Default OpenRouter model |
PROXY_HOST |
0.0.0.0 |
Proxy bind address |
PROXY_PORT |
1337 |
Proxy port |
UI_PORT |
3000 |
UI port |
FERRET_DATA_DIR |
./data |
Persistent data directory |
NEXT_PUBLIC_API_URL |
http://localhost:8000 |
API URL used by the browser |
NEXT_PUBLIC_SIGINT_URL |
- | Optional SIGINT/news feed JSON URL |
| Provider | Type |
|---|---|
| OpenRouter | Cloud - unified API across many models |
| OpenAI | Cloud - GPT-4o, o1, and others |
| Anthropic | Cloud - Claude models |
| Gemini | Cloud - Google Gemini models |
| DeepSeek | Cloud - DeepSeek models |
| Mistral | Cloud - Mistral models |
| Ollama | Local - run models on your machine |
| LM Studio | Local - run models on your machine |
Provider setup can be completed from the first-run wizard.
| Command | Description |
|---|---|
just up |
Pull pre-built images from GHCR and start all services |
just down |
Stop all services |
just dev |
Run API/lab in Docker and UI hot reload on host (requires Node.js) |
just logs |
Tail service logs |
just test api |
Run API unit tests (inside the running api container) |
just test ui |
Run Playwright UI tests |
just test shim |
Run docker-shim allow/block unit tests (no Docker needed) |
just test all |
Run all test suites in sequence |
just reset |
Wipe the local database |
just shell |
Open a shell in the lab container |
Browser / tool
│
▼
127.0.0.1:1337
│
▼
ferret-api :8000 / :1337
FastAPI + mitmproxy + SQLite
│
├── docker exec
▼
ferret-lab
pytest, ffuf, sqlmap, scripts, tests, notes
│
▼
ferret-ui :3000
Next.js
All persistent data is stored under:
${FERRET_DATA_DIR:-./data}
Ferret uses bind mounts rather than named Docker volumes.
To wipe local state and restart the setup wizard:
just resetThis removes the local database, including credentials.
You can also reset setup through the API when authenticated:
curl -X DELETE \
-H "Authorization: Bearer your-random-secret" \
http://localhost:8000/api/setupFor local UI development with hot reload:
just devThis runs the API and lab containers in Docker while serving the UI on the host via npm run dev. Node.js is required on the host for this mode.
Run tests with:
just test api # API unit tests (inside the running api container)
just test ui # Playwright UI tests (auto-starts Next.js dev server + mock API)
just test shim # docker-shim allow/block unit tests (no Docker needed)
just test all # run all three suites in sequenceFerret is designed for local security testing workflows and is not hardened for public exposure.
Before exposing Ferret outside localhost, understand the following:
| Risk | Detail |
|---|---|
| Proxy traffic | The proxy captures all HTTP/HTTPS traffic passing through it, including credentials. |
| API exposure | The API exposes request history, findings, and workspace files. |
| Lab execution | The lab container can execute testing tools on your behalf. |
| Credentials | API keys and AI provider credentials are stored locally and should be treated as secrets. |
Use a strong password and enable 2FA from the Settings page.
Do not open a public issue for security vulnerabilities.
See .github/SECURITY.md for the full disclosure policy and reporting instructions.
Past disclosures are published in security/ once fixes are available.
Thanks to the following researchers for responsibly disclosing security issues:
| Researcher | Issue | Year |
|---|---|---|
| Trent (@AzureADTrent) | DISC-2026-001 - Unauthenticated RCE via SSRF + docker-socket-proxy misconfiguration | 2026 |
Ferret is actively being developed.
Ideas, bug reports, feature requests, and contributions are welcome.
Want to help build it?
Email: aidan@synlace.ai
MIT - see LICENSE.