Transparent SSL/TLS Interception
Proxy for Linux
A powerful interception proxy written in Go that redirects HTTP/HTTPS traffic using iptables NAT for inspection, logging, and content modification.
A powerful interception proxy written in Go that redirects HTTP/HTTPS traffic using iptables NAT for inspection, logging, and content modification.
Everything for network traffic inspection and manipulation
Dynamically generates certificates for intercepted HTTPS connections with full decryption and re-encryption.
Full request/response capture stored in SQLite with searchable interface and detailed inspection.
Real-time traffic view, policy management, rewrite rules, and system control from a modern UI.
Route traffic through WireGuard tunnels with runtime toggleable control from the dashboard.
Anonymize upstream traffic through Tor SOCKS5 proxy with easy runtime toggling.
Modify HTTP/HTTPS responses on the fly using JSON rewrite rules with auto-reload on changes.
Export decrypted traffic to PCAP files for Wireshark analysis and deeper inspection.
Drop or bypass inspection by domain, IP, or CIDR with flexible allowlist mode support.
Full REST API for automation, integration, and programmatic control of all features.
Get up and running in minutes
# 1. Clone the repository
git clone https://github.com/dmitryporotnikov/SSLInspectingRouter.git
# 2. Run setup script (enables IP forwarding, checks dependencies)
cd SSLInspectingRouter
sudo ./scripts/setup.sh
# 3. Run the router (requires root)
sudo ./sslinspectingrouter -web :3000
# 4. Access the web dashboard
# Open http://<router-ip>:3000 in your browser
# Default credentials: admin / admin123Transparent traffic interception using iptables NAT
Device
Intercept & Decrypt
Internet
Real-time traffic monitoring and control
