whatisgithub

What is ferret?

synlace/ferret — explained in plain English

Analysis updated 2026-05-18

29TypeScriptAudience · developerComplexity · 3/5LicenseSetup · moderate

In one sentence

An AI assisted intercepting proxy for security testers to capture, replay, and analyze HTTP traffic while hunting for vulnerabilities.

Mindmap

mindmap
  root((ferret))
    What it does
      Intercepts HTTP traffic
      AI annotates requests
      Tracks findings
    Tech stack
      TypeScript
      FastAPI
      mitmproxy
    Use cases
      Security testing
      Request replay
      Vulnerability tracking
    Audience
      Security testers
      Developers
    Setup
      Docker Compose
      Setup wizard
      Install CA cert

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Intercept and inspect HTTP and HTTPS traffic between a browser and a target web app.

USE CASE 2

Get AI generated notes on captured requests while testing for vulnerabilities.

USE CASE 3

Pause, edit, and forward or drop live requests before they reach the server.

USE CASE 4

Track findings by severity and host across a security assessment project.

What is it built with?

TypeScriptFastAPImitmproxyNext.jsSQLite

How does it compare?

synlace/ferretdavidhdev/rbp-portfoliodrakkar-softwares/polymarket-kalshi-arbitrage-bot
Stars292929
LanguageTypeScriptTypeScriptTypeScript
Setup difficultymoderateeasymoderate
Complexity3/52/53/5
Audiencedeveloperdesignerdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Requires Docker, Docker Compose, and the just command runner.

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

So what is it?

Ferret is a tool for security testers who need to intercept and study HTTP traffic while they look for vulnerabilities in web applications. It works like a proxy that sits between your browser or testing tool and the target website, capturing every request and response so you can inspect, replay, or modify them, and it adds an AI assistant on top to help analyze what it sees. The project runs as a set of Docker containers: a proxy and API service built on FastAPI and mitmproxy that captures traffic and stores it in SQLite, a Next.js web interface for browsing that traffic, and a separate lab container that holds security testing tools like pytest, ffuf, and sqlmap. Getting started requires Docker, Docker Compose, and a command runner called just, after which one command builds and starts everything. Once running, a setup wizard walks new users through connecting an AI provider such as OpenRouter, OpenAI, Anthropic, Gemini, DeepSeek, Mistral, Ollama, or LM Studio, and no manual configuration file is required to begin. The tool itself listens as a proxy that any browser or testing tool can be pointed at, with an option to install a certificate so it can also inspect encrypted HTTPS traffic. Key features include a request history log with AI generated notes on each entry, a findings tracker for logging vulnerabilities by severity and host, a feature called Snare that lets you pause and edit requests before they reach the server, a persistent request editor called Gnaw for repeatedly resending modified requests, and Workspaces, which give each testing project its own folder of scripts, notes, and automated tests that run inside the lab container. Multiple projects can be kept separate, each with its own history, findings, and API keys. The project is written in TypeScript, released under the MIT license, and is aimed specifically at people doing authorized security assessments rather than casual browsing.

Copy-paste prompts

Prompt 1
Walk me through setting up ferret with Docker and pointing my browser at its proxy.
Prompt 2
How do I use the Snare feature to intercept and modify a request before it is sent?
Prompt 3
Explain how Workspaces and the lab container let me run pytest tests against a target.
Prompt 4
What AI providers can I connect to ferret's setup wizard?

Frequently asked questions

What is ferret?

An AI assisted intercepting proxy for security testers to capture, replay, and analyze HTTP traffic while hunting for vulnerabilities.

What language is ferret written in?

Mainly TypeScript. The stack also includes TypeScript, FastAPI, mitmproxy.

What license does ferret use?

Use freely for any purpose, including commercial use, as long as you keep the copyright notice.

How hard is ferret to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is ferret for?

Mainly developer.

Open on GitHub → Ask about another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.