XSniff is a lightweight, powerful mobile app for ethical hackers, pentesters, and security researchers to intercept, inspect, and replay HTTP/HTTPS requests right from their Android device.
Built with React Native + Expo, XSniff brings Burp Suite-style functionality to your fingertips β making web testing more mobile and accessible than ever.
- π Live HTTP/HTTPS Traffic Capture
- βοΈ Request/Response Inspection
- π οΈ Edit & Replay Requests
- π§ Header/Body Viewer
- π Export & Save Logs
- π Custom Proxy Support
- 𧩠Upcoming: Plugin System for Passive Recon (WHOIS, DNS, etc.)
Stay tuned...
- React Native (Expo)
- Node.js / Express (internal proxy backend)
- Expo FileSystem & SecureStore
- React Native Paper / TailwindCSS / Nativewind
- MITM Proxy Handling (planned)
- Node.js β₯ 18
- Expo CLI
- Android emulator or physical device (with proxy settings support)
git clone https://github.com/yourusername/xsniff.git
cd xsniff
npm install
npx expo start- Set up your Android device to use a proxy pointing to your dev machine
- (For HTTPS) Install and trust the custom CA certificate (coming soon)
This tool is intended only for ethical security testing. You must have proper authorization before testing any target. The developers are not responsible for misuse or illegal activity performed using this tool.