TunnelSight

Packet Analysis and Injection

$4.99 · In‑App Purchases

New scripting engine: rewrite requests, fake responses, and patch broken APIs with JavaScript, all on-device. Dry-run every script against a real packet first. TunnelSight is your on-device network microscope, built for iOS and purpose-crafted for developers, network engineers, and security researchers who need real-time, packet-level visibility into every HTTP and HTTPS transaction. Install your unique per-device root CA once, start TunnelSight’s Local VPN tunnel, and instantly see every request, response, header, and body live, decoded, and ready for analysis. With the new on-device scripting engine, you can rewrite headers, mutate bodies, swap URIs, or short-circuit responses in flight, all driven by JavaScript you author and dry-run from your iPhone or iPad. Key Features • Live Packet Interception Local VPN plus MITM proxy architecture captures all HTTP and HTTPS traffic on-device with zero cloud dependency. • cURL-Exact Replay For any intercepted request, generate a ready-to-run cURL command to reproduce the exchange in your terminal with headers, method, and body intact. • JSON Export and Reporting One-tap export of request and response pairs as structured JSON. Integrate with your CI, SIEM, or custom tooling. • Smart Caching and Filtering Cache responses on demand. Define URL, header, or content filters to focus on what matters. • Searchable Session History Full-text search across captured traffic so you can find specific API calls quickly. • Secure Per-Device Root CA Automatically generates a self-signed root certificate unique to each device. Simple one-time install with no shared keys. • Remote Device Debugging (Pro Feature) Optionally inspect traffic from another device you control by manually configuring it to use TunnelSight as a proxy. Requires explicit setup and certificate installation on that device. Designed for testing and debugging across multiple devices. • On-Device Scripting Engine Write JavaScript scripts that intercept and mutate live traffic. Rewrite headers, bodies, URIs, and methods, change response status codes, or short-circuit a request with a synthetic response. Chain multiple scripts in order, scope them with URL and method matchers, and validate every change against a real captured packet using the built-in dry-run preview before going live. Start from packet-aware templates generated straight from any captured request. Why TunnelSight? • Zero-Trust Testing Validate your mobile app’s backend calls under real network conditions. • On-Device Debugging No desktop proxy required. Debug directly from your iPhone or iPad. • Multi-Device Testing Debug requests from additional devices using the optional Pro feature. • Audit and Compliance Export logs for penetration testing, audits, or bug bounties. Disclaimers and Legal Notices 1. Intended Use Only TunnelSight is designed for lawful testing, debugging, and security research on networks and applications for which you have explicit permission. Unauthorized interception or decryption of traffic may violate local laws and regulations. 2. User Responsibility By installing the TunnelSight root certificate and using the Local VPN, you acknowledge the security implications of a device-wide MITM proxy. You are solely responsible for safeguarding your device and certificates. 3. Privacy and Data Handling All packet capture and analysis is performed locally on your device. TunnelSight does not transmit captured data to any external server. However, exported files may contain sensitive information and should be handled accordingly. 4. No Warranty and Limitation of Liability TunnelSight is provided as is without warranty of any kind. In no event shall the developers be liable for any direct, indirect, incidental or consequential damages arising from use or inability to use the software. 5. Compliance It is your responsibility to ensure that your use of TunnelSight complies with applicable data protection regulations. Ready to see through the tunnel? Download TunnelSight today and turn your iOS device into a packet-level debugger.

Ratings & Reviews

  • This app hasn’t received enough ratings or reviews to display an overview.

Scripting Engine • Author JavaScript scripts that intercept live HTTP and HTTPS traffic on-device. • Rewrite request headers, bodies, URIs, and methods, or change response status codes mid-flight. • Short-circuit any request with a synthetic response to simulate failures, stub backends, or test edge cases. • Scope each script with URL and method matchers so it only runs where you want it. • Chain multiple scripts in order, with each script's output feeding the next. • Dry-run any script against a real captured packet and inspect the full mutation diff and console logs before enabling it. • Generate ready-to-edit script templates straight from any packet in your capture history.

Version 4.0

The developer, Unified-Projects, indicated that the app’s privacy practices may include handling of data as described below. For more information, see the developer’s privacy policy .

  • Data Not Collected

    The developer does not collect any data from this app.

    Privacy practices may vary, for example, based on the features you use or your age. Learn More

    Accessibility

    The developer has not yet indicated which accessibility features this app supports. Learn More

    Information

    Seller
    • Unified Projects LTD.
    Size
    • 27.4 MB
    Category
    • Developer Tools
    Compatibility
    Requires iOS 17 or later.
    • iPhone
      Requires iOS 17 or later.
    • iPad
      Requires iPadOS 17 or later.
    Languages
    • English
    Age Rating
    16+
    In-App Purchases
    Yes
    Copyright
    • © 2026 Unified Projects LTD.
  • Developer Website
  • Privacy Policy

    • More by Unified-Projects

    You Might Also Like