
Show HN: Intercept network traffic right on your iPhone - aggregator-ios
https://itunes.apple.com/us/app/peek-tools/id1187756601?mt=8
======
EJTH
Hey this is actually pretty useful!

I understand the need for installing a certificate to capture SSL, but it
would be nice if you could just roll your own root CA cert. The documentation
is not clear wether this is possible...

The link to the user guide on the itunes page is 404.
([https://peek.tools/ios/guide](https://peek.tools/ios/guide))

Is it possible to view the requests on the mac instead of the phone as well?

Other than that, looks really useful, I'll try it out next time the need
arises.

~~~
aggregator-ios
Developer here, thanks for your kind note :)

Makes sense that you would want to use your own root CA--especially when
public key pinning is used. Added to the feature list!

The ability to view interception data on the Mac is on the roadmap. In fact,
Peek for macOS ([https://peek.tools](https://peek.tools)) uses the same
internal framework as Peek Tools for iOS, and sharing can be as easy as
AirDrop.

Sorry about the 404 link, I'll fix that in the next update

------
chatmasta
Cool. But I'm not sure what the value is of putting this on the phone you are
targeting, rather than on a computer on the same wifi network (or a VPN). Why
not just use fiddler/charles/mitmproxy/burp on your computer? Doesn't the
desktop interface lend itself much better to something like proxy debugging?

On another note, if you want this to work on cellphone networks as well as
wifi, could you create a local VPN server (I think this is possible with
swift), connect to it via the iOS tun API and then use the proxy on its local
VPN address?

When I want to intercept iOS traffic, I connect to a VPN with proxy settings
to a mitmproxy instance running on the VPN subnet.

~~~
aggregator-ios
Great points :)

Peek Tools for iOS is built using the same internal framework as Peek for
macOS ([https://peek.tools](https://peek.tools)). And while the iOS version
doesn't have the JSON Query capability, the interception features are the
same. I found myself and other engineers needing to debug network requests in
a meeting, or during demonstration by QA, where access to a desktop is just
not readily available or it's cumbersome. IMO, the app isn't a replacement for
the desktop, but provides for a quicker and easier experience on an
iPad/iPhone.

You can definitely roll your own VPN server and connect to it from the app--I
didn't explore that for the 1.0 release, but it's certainly compelling :)

Developer of Peek Tools

