30 open-source projects similar to beyondcode/expose, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Expose alternative.
Expose is a secure tunneling tool that creates public URLs for local development servers, making them accessible from the internet without complex network configuration. It forwards incoming HTTP requests and responses between a public relay server and a local machine, enabling external services to reach a development environment that would otherwise be isolated behind a firewall or VPN. The project distinguishes itself through a comprehensive set of webhook debugging and inspection capabilities. It captures all incoming webhook requests and displays them in a real-time dashboard or command-l
Sish is a reverse SSH proxy and tunneling server designed to expose local services to the internet. It functions as an SSH tunneling proxy that routes HTTP, WebSocket, and TCP traffic from a remote server to a local machine, enabling the creation of public URLs for local applications. The project distinguishes itself through a combination of an SNI proxy for routing encrypted TLS traffic without decryption and a TCP load balancer that distributes incoming requests across multiple backend targets. It also includes a dedicated service console for real-time inspection and debugging of forwarded
Proxyman is a cross-platform HTTP debugging proxy that captures, inspects, and modifies HTTP, HTTPS, and WebSocket traffic. It functions as a man-in-the-middle proxy, decrypting SSL/TLS traffic to allow real-time inspection and modification of encrypted requests and responses. The tool is designed for debugging web and mobile applications, with capabilities for API mocking and simulation, scriptable traffic modification, and team collaboration on network logs. What distinguishes Proxyman is its deep integration with mobile and cross-platform development workflows. It provides automated certif
tunnelto is a network tunneling tool that creates a public URL to forward traffic to a locally running web server, making it accessible from anywhere. It provides a way to expose local development servers to the internet through temporary or persistent public endpoints. The project supports authenticating tunnel connections with an API key to prevent unauthorized access, and allows reserving custom subdomains so the public URL remains stable across sessions. It also enables debugging webhook integrations by forwarding incoming requests to a local server for inspection during development, and
Localtunnel is an HTTP tunneling service that exposes local development servers to the public internet. By creating secure tunnels with temporary public URLs, it allows developers to route incoming internet traffic directly to a web server running on a local machine. The service provides predictable or custom subdomains to facilitate remote collaboration and testing of local applications. It functions as a localhost proxy server, enabling users to receive and inspect external webhook payloads directly within a local environment during the development lifecycle. The platform manages traffic t
Got is a promise-based HTTP request library for Node.js that supports HTTP/2 and streaming. It provides a system for making network requests with a focus on asynchronous control flow and type-safe API client development. The library is distinguished by its middleware-based request lifecycle, which uses interceptors and plugins to modify request options and response data. It includes a configurable automatic retry mechanism with backoff strategies, a built-in HTTP response cache, and a cookie-jar system for maintaining persistent sessions. Broad capabilities cover data handling through duplex
Whistle is an HTTP debugging proxy that captures, inspects, and modifies traffic through a web-based management interface. It operates as a man-in-the-middle proxy, intercepting HTTP, HTTPS, HTTP/2, WebSocket, and TCP traffic between clients and servers, and provides a plugin-based architecture that extends core functionality with custom rules, UI panels, and protocol handlers at runtime. The project distinguishes itself through a combination of capabilities that go beyond basic traffic inspection. It supports server-side headless operation on Linux, allowing it to intercept traffic for appli
Hotel is a reverse proxy and process manager for local development. It maps custom local domains and subdomains to specific ports or remote servers, removing the need for manual host file modifications. The project provides a web interface to manage the lifecycle of background processes and application servers. It includes on-demand process activation, which starts and stops servers automatically when accessed via a browser to conserve system resources. The tool generates self-signed SSL certificates to enable encrypted HTTPS connections for local environments. It also supports routing traff
Laragon is a portable web server suite and WAMP stack manager that provides a self-contained local development environment. It enables the bootstrapping of web applications through the orchestration of web servers, databases, and language runtimes on a single machine. The project is distinguished by its registry-free portable mode, allowing the entire development stack to be moved between drives or computers without re-installation. It features automated virtual host mapping and SSL certificate generation for local domains, as well as a local tunneling gateway to expose projects via public UR
Betwixt is a system-wide network monitor and web debugging proxy that captures network requests from any installed application. It functions as an HTTPS traffic inspector, routing operating system and command line interface traffic through a local proxy for analysis. The tool utilizes a Chrome DevTools compatible interface to render captured traffic, allowing for the inspection of requests and responses from non-browser sources. It performs man-in-the-middle HTTPS decryption by generating a trusted root certificate to inspect encrypted communication between clients and servers. The project c
ngrok is a secure TCP tunneling proxy and API ingress controller that exposes local services to the public internet. It establishes a persistent connection between a local agent and a cloud-based gateway to route traffic to local ports without requiring firewall or router configuration changes. The project provides a global gateway for routing API traffic, which includes built-in support for rate limiting and authentication policy enforcement. It also functions as an IoT device gateway, enabling remote command execution and access control for embedded hardware via a cloud-to-device bridge. A
Trape is a browser-based remote access tool and exploit framework designed for gathering device geolocation, hardware profiles, and network data. It functions as an open-source intelligence platform and a system for executing custom scripts and triggering browser vulnerabilities to capture credentials or monitor device activity. The project features a real-time geolocation tracker capable of retrieving precise physical coordinates and monitoring individual movement, including silent acquisition that bypasses standard location prompts. It further provides a network tunneling service to make lo
This project provides a remote development platform that enables users to access a full-featured integrated development environment through a standard web browser. By decoupling the user interface from the server-side filesystem, it allows for persistent coding workspaces to be hosted on remote servers, virtual machines, or cloud-native infrastructure, ensuring a consistent development experience from any device. The platform distinguishes itself through a secure gateway architecture that manages traffic, authentication, and encryption at the edge. It utilizes persistent WebSocket connections
This project is an open-source, privacy-focused web analytics platform designed for high-throughput data ingestion and multi-tenant data management. It provides a cookie-less tracking engine that captures visitor interactions using ephemeral request metadata, ensuring comprehensive traffic visibility while maintaining strict privacy standards. The architecture utilizes an event-driven ingestion pipeline and aggregated metric storage to decouple data collection from processing, enabling efficient long-term retrieval and responsive dashboard performance. What distinguishes this platform is its
Pangolin is a zero-trust remote access platform designed to provide secure, identity-aware connectivity to private network resources. It functions as a cloud-native network controller that orchestrates encrypted tunnels, traffic routing, and access policies across distributed environments. By leveraging WireGuard for secure data transport, the platform enables authenticated access to internal web applications, terminal sessions, and remote desktops without exposing services to the public internet. The platform distinguishes itself through a declarative infrastructure model that synchronizes n
Zphisher is a security testing framework designed for conducting authorized social engineering assessments and penetration testing. It functions as a credential harvesting simulator that enables security professionals to evaluate organizational defenses and user awareness by deploying deceptive login interfaces. The platform automates the creation of realistic web pages through dynamic template rendering and provides tools to mask destination addresses. It integrates reverse proxy tunneling to expose local testing services to the public internet, allowing for remote access during security aud
Salvo is a comprehensive Rust web framework for building asynchronous HTTP servers and web applications. It features a hierarchical web router that uses a tree-based structure to map requests to handlers and an asynchronous middleware pipeline based on the onion model for request and response pre- and post-processing. The framework is distinguished by its native support for modern network protocols, including a QUIC-based HTTP/3 implementation alongside HTTP/1 and HTTP/2. It includes an integrated OpenAPI documentation generator that extracts schemas directly from handler signatures to produc
Higress is an AI API gateway and cloud-native traffic manager that functions as a Kubernetes ingress controller. It provides a centralized system for routing, securing, and optimizing traffic directed toward large language models, AI agents, and microservice architectures. The project distinguishes itself through deep AI orchestration, including the ability to host and manage Model Context Protocol servers that transform REST APIs into tools for AI agents. It features specialized AI infrastructure for model request proxying, protocol translation across multiple providers, and semantic-based c
This project provides a server-side language runtime and a standardized Docker image for deploying applications across different operating systems. It functions as an execution environment for generating dynamic HTML, JSON, and XML content, while also serving as a command line interface for automation scripts and background jobs. The runtime is designed for extensibility through a C-based extension architecture, allowing the loading of custom modules for specialized functionality. It supports multiple server application interfaces, including a FastCGI web interface for high-performance commun
Fabio is a network gateway that provides reverse proxying, layer 7 traffic management, and automated service discovery mapping. It functions as an HTTP reverse proxy, a gRPC and TCP proxy, and a service discovery gateway to route incoming traffic to healthy backend instances. The project distinguishes itself through deep integration with service registries, specifically acting as a Consul load balancer to automatically synchronize routing tables and update destination targets. It manages diverse traffic types using SNI-based routing for raw TCP streams and maintains full protocol compatibilit
Nuclei is a modular security scanning framework designed for automated vulnerability detection and infrastructure reconnaissance. It functions as a template-driven engine that executes security checks across diverse network protocols, allowing users to define custom detection logic to identify vulnerabilities, misconfigurations, and exposed assets. The platform distinguishes itself through its highly extensible architecture, which supports distributed scanning, headless browser automation for dynamic web content, and out-of-band interaction monitoring to detect blind vulnerabilities. It integ
Wretch is a chainable HTTP client library and Fetch API wrapper designed to simplify network request configuration, response parsing, and error handling. It functions as a network request manager and middleware framework for managing the end-to-end lifecycle of HTTP calls. The project is distinguished by a fluent interface for request configuration and a modular extension system. It utilizes a programmable response resolver to automate parsing and a plugin-based architecture to add new capabilities to request and response objects. The library covers a broad range of operational capabilities,
req is a chainable HTTP client library for Go designed to simplify request configuration and automatic response decoding into structures. It provides a fluent-interface request builder that allows developers to incrementally define request properties and encapsulate HTTP logic into reusable API SDKs. The project distinguishes itself with a TLS fingerprint emulator that mimics browser network signatures to bypass bot detection and crawler filters. It also includes a concurrent file downloader that increases transfer speeds by fetching large remote files in parallel segments. The library cover
Telepresence is a hybrid development environment and network proxy for Kubernetes. It provides a system for running workloads on a local machine while maintaining active connectivity to a remote cluster environment. The project functions as a traffic interceptor and network bridge, establishing a two-way tunnel between a local workstation and a remote cluster. This allows for the redirection of traffic from a remote Kubernetes service to a local process, enabling real-time debugging and testing of code without the need to redeploy containers. Its capabilities cover remote cluster connectivit
CamPhish is a social engineering framework and phishing tool designed to capture webcam photos and GPS coordinates from remote devices. It uses web interfaces to request browser permissions, allowing it to retrieve device media and geographic location data. The project includes a local server tunneling tool that creates public internet links, making hosted phishing pages accessible to remote users. It also features a GPS location tracker that retrieves latitude and longitude coordinates and displays them on maps. The system manages the exfiltration of captured data to a backend server, where
Mutagen is a cross-platform file synchronization engine and development environment orchestrator. It provides real-time bidirectional file synchronization between local machines, remote servers, and Docker containers, often utilizing SSH for transport. The tool functions as a high-performance alternative to Docker bind mounts by mirroring files between a local host and a running container. It also operates as a network port forwarding utility, routing TCP traffic and Unix domain sockets between local and remote environments via SSH. Its capability surface includes filesystem event monitoring
Hetty is an HTTP intercepting proxy and web security research toolkit used to capture, inspect, and modify traffic between a browser and a server. It functions as an HTTP request editor for creating and replaying manual requests to test server behavior and as a project-based traffic logger that isolates network logs across different security research engagements. The tool provides a request-response interception loop that pauses outgoing requests and incoming responses in transit, allowing for manual editing or cancellation. It includes a manual request replay engine to construct and transmit
Cosmos-Server is a self-hosted server platform that combines an authentication gateway, a reverse proxy with dynamic rate limiting, and a Docker container orchestrator into a single management interface. It provides automatic HTTPS certificate management with wildcard support through DNS challenges, and secures self-hosted applications with token-based session management and plugin-based authentication middleware. The platform distinguishes itself by integrating these capabilities into a unified system where the reverse proxy enforces authentication, rate limiting, and TLS termination before
Awesome Tunneling is a curated directory of technologies designed to facilitate secure connectivity between distributed devices and local services. It serves as a comprehensive resource for identifying tools that enable remote access, private network creation, and the exposure of local environments to the public internet. The collection focuses on solutions that bypass network address translation and firewall restrictions through techniques such as reverse proxy tunneling, overlay network infrastructure, and peer-to-peer connectivity. It categorizes resources based on their ability to establi
01 is a voice-to-code agent and language model voice interface framework that enables natural language control of computers and devices. It functions as a real-time audio streaming server and a cross-platform voice client, translating spoken instructions into executable code to automate software, manage files, and browse the web. The system supports both local and cloud-based language models, alongside local or hosted speech-to-text and text-to-speech engines. It is designed for custom hardware integration, providing the means to build embedded AI voice controllers using microcontrollers like