Moxy
Moxy (Next-Gen Man in the middle proxy) Open-source DAST tool for pentesting powered by agentic AI capabilities (Supporting Ollama). Built on top of browser-use, Moxy streamlines dynamic application security testing.
🚀 INSANELY EASY TO USE
And it's free, who doesn't like free stuff?
Moxy leverages MITMproxy as an intercepting HTTP/HTTPS proxy to capture and modify traffic during dynamic application security testing.
By default, Moxy works without requiring any AI configuration or credentials - even browser-based DAST flows don't use AI unless enabled.
Moxy supports both OpenAI's API and Ollama (local AI) for agentic features. The agent uses AI to reason about your application's attack surface, replay or modify traffic, and even drive browser sessions to generate new test scenarios.
Capabilities of the Agent:
- Query prior captured HTTP requests
- Send/modify/resend new requests
- Operate a real browser (using browser-use) for dynamic tests and request creation
