Inspect tab showing host input and recent lookups
Inspect any HTTPS endpoint
Live Monitor showing observed hosts and certificates
Live Monitor captures certificates passively
Host detail view showing trust status and certificate info
Trust status and certificate details
Certificate chain view showing full X.509 details
Full certificate chain and X.509 fields

New

Live Monitor

Passively observe TLS certificates across your device's traffic. Nothing is intercepted or modified — certificates are captured from live handshakes and shown in a scrollable feed.

  • Extracts certificate chains and SNI from live TLS handshakes
  • Detects certificate changes across repeat observations
  • All data stays on-device
  • Works on iOS and macOS
Inspect for Mac showing certificate workspace

Security Analysis

  • Trust failures and hostname mismatch
  • Expired or not-yet-valid certificates
  • Weak key sizes and signature algorithms
  • Suspicious CA usage on leaf certificates
  • Interception products surfaced from metadata
  • Certificate changes detected by Live Monitor

Technology

  • Swift 6 and SwiftUI
  • Security framework and URLSession TLS capture
  • Rust forwarding core for Live Monitor
  • Apple swift-certificates, swift-asn1, swift-crypto
  • Platform-native packet tunnel extensions