Charles Proxy

Best Self Hosted Alternatives to Charles Proxy

A curated collection of the 4 best self hosted alternatives to Charles Proxy.

Desktop web debugging proxy that captures, records, inspects, and modifies HTTP/HTTPS traffic between applications and the internet. Used for API testing, mobile/web debugging, SSL inspection, and performance analysis.

Alternatives List

#1
Requestly

Requestly

Open-source API client and HTTP interceptor to test APIs, modify requests and responses, and create API mocks for faster development and debugging.

Requestly screenshot

Requestly is a local-first API client combined with an HTTP interceptor for capturing, inspecting, and modifying HTTP/HTTPS traffic. It helps developers test APIs, mock backend responses, and override network behavior from a browser extension or desktop app.

Key Features

  • REST API client with collections, environments/variables, and request history
  • HTTP interception and modification rules for requests and responses
  • URL redirects and rewrites (host, query params, map local/remote)
  • Modify request/response headers and bodies
  • Script injection and resource overriding for web pages
  • API mocking with static and dynamic overrides, including GraphQL targeting
  • Session recording for capturing and sharing relevant network traffic
  • Local workspaces stored on disk, with optional team sync workflows

Use Cases

  • Debug and test REST/GraphQL APIs with environment-specific variables
  • Mock backend APIs to unblock frontend development and E2E tests
  • Redirect traffic between staging/dev/prod endpoints and override scripts/resources

Limitations and Considerations

  • Some capabilities depend on where it runs (browser extension vs desktop app) and what traffic can be captured in that environment

Requestly is well-suited for developers who want a Postman-like API client combined with Charles/Fiddler-style interception. It provides practical tooling for request rewriting, API mocking, and repeatable debugging workflows without requiring heavy infrastructure.

6.1kstars
550forks
View Details
#2
Tinyproxy

Tinyproxy

Tinyproxy is a small, efficient HTTP/HTTPS proxy daemon for POSIX systems, designed for low resource usage with access controls, filtering, and optional reverse/transparent proxying.

Tinyproxy screenshot

Tinyproxy is a lightweight HTTP/HTTPS proxy daemon for POSIX operating systems, designed to be fast and resource-efficient. It is commonly used to provide a simple forward proxy for small networks and embedded or low-spec environments.

Key Features

  • HTTP proxy with HTTPS tunneling via the CONNECT method (does not modify HTTPS traffic)
  • Small footprint and low CPU/memory usage, suitable for embedded deployments
  • Access control lists to allow/deny clients by IP, subnet, interface, or hostname rules
  • Optional URL/domain filtering (build-time option)
  • Upstream proxy support with per-site rules (including the ability to null-route specific targets)
  • Optional transparent proxy mode and reverse proxy mode (build-time options)
  • Header management for HTTP traffic (add/insert headers) and privacy-oriented header filtering
  • Built-in statistics/monitoring endpoint via a configurable “stat host”

Use Cases

  • Sharing a single internet connection in a small office/home network with controlled client access
  • Deploying a minimal forward proxy on routers, appliances, or low-resource servers
  • Enforcing simple outbound web access policies (ACLs, filtering, upstream routing)

Limitations and Considerations

  • HTTPS is only tunneled (CONNECT); it cannot filter or rewrite encrypted content
  • Some capabilities (filtering, upstream, reverse, transparent modes) may require specific build-time options and network/firewall configuration

Tinyproxy is a practical choice when you need a straightforward HTTP/HTTPS proxy with basic policy controls and minimal overhead. Its simple design makes it easy to operate and customize for constrained environments and small-network scenarios.

5.6kstars
742forks
View Details
#3
g3proxy

g3proxy

High-performance Rust proxy supporting HTTP/SOCKS5 forwarding, transparent proxying, TLS MITM, ICAP integration, ACLs, auth, and observability features.

g3proxy screenshot

g3proxy is an enterprise-oriented generic proxy built in Rust for forwarding and controlling network traffic. It supports multiple proxy modes and is designed for performance, flexible routing policies, and security-focused traffic processing.

Key Features

  • HTTP/1 and SOCKS5 forward proxy support
  • TCP stream proxying, SNI proxying, and transparent proxying (TPROXY)
  • Basic HTTP reverse proxy capabilities
  • Proxy chaining with dynamic upstream proxy selection
  • Flexible egress routing and customizable selection strategies
  • TLS features including interception (MITM), decrypted traffic dumping, and protocol interception (HTTP, IMAP, SMTP)
  • ICAP adaptation for integrating with third-party security products
  • User authentication, per-user site configuration, and rich ACL/limit rules (ingress/egress/user-level)
  • Metrics and observability integrations with detailed per-dimension monitoring
  • Graceful reload for configuration changes

Use Cases

  • Centralized enterprise forward proxy with policy enforcement and per-user controls
  • Security inspection gateway using TLS interception and ICAP-based malware/DLP tooling
  • Network traffic routing and failover via proxy chaining and egress selection

Limitations and Considerations

  • Reverse proxy and NAT traversal capabilities are described as work-in-progress in the broader G3 project context
  • TLS MITM and protocol interception require careful certificate management and may have compliance implications

g3proxy is well suited for organizations that need a fast, configurable proxy with strong access controls and traffic inspection options. Its Rust-based implementation and rich policy/routing features make it a solid foundation for enterprise proxy and security gateway deployments.

808stars
66forks
View Details
#4
Privoxy

Privoxy

Privoxy is a self-hosted, non-caching web proxy that filters ads and trackers, rewrites content, and modifies HTTP headers for privacy and access control.

Privoxy screenshot

Privoxy is a non-caching web proxy focused on privacy and policy-based filtering. It can modify web page content and HTTP headers to reduce tracking, remove ads, and enforce access rules for users or networks.

Key Features

  • Non-caching HTTP/HTTPS proxy suitable for single users or multi-user networks
  • Rule-based content filtering to remove ads, trackers, and unwanted page elements
  • HTTP header modification to improve privacy and control client/server behavior
  • Access control features for restricting sites, clients, or request patterns
  • Highly flexible, file-based configuration designed for customization

Use Cases

  • Network-wide ad/tracker reduction for browsers without needing extensions
  • Privacy hardening by stripping or rewriting identifying headers and content
  • Enforcing browsing policies and access restrictions on a home or small-office network

Limitations and Considerations

  • No built-in trusted binary build infrastructure; users should prefer verified sources and signatures when available
  • Filtering requires ongoing rule/config tuning and may occasionally break site functionality

Privoxy is a mature, configurable proxy for users who want transparent, centralized filtering and privacy controls. It fits well as a local host proxy or a gateway service for multiple devices and users.

View Details

Why choose an open source alternative?

  • Data ownership: Keep your data on your own servers
  • No vendor lock-in: Freedom to switch or modify at any time
  • Cost savings: Reduce or eliminate subscription fees
  • Transparency: Audit the code and know exactly what's running