Skip to main content

Quick Start

This guide takes you from download to inspecting your first captured request in about 5 minutes. Rockxy is a free, native macOS app — no account, no license key, no cloud dependency.

1. Download Rockxy

Grab the latest release from GitHub Releases. Choose the Universal .dmg if you are unsure which architecture your Mac uses.

2. Install

Open the .dmg and drag Rockxy.app to the Applications folder. Launch it from Applications or Spotlight. If macOS blocks the app, right-click it and select Open, then click Open again in the confirmation dialog.

3. Trust the Root CA

HTTPS interception will not work until you install and trust the root CA certificate. Skip this step only if you need to capture plain HTTP traffic.
  1. In the Rockxy menu bar, go to Certificate > Install Root CA.
  2. Enter your macOS password to add the certificate to your system keychain.
  3. Open Keychain Access, find Rockxy CA, double-click it.
  4. Expand Trust and set When using this certificate to Always Trust.
  5. Close the dialog and enter your password to confirm.
The root CA private key is stored in your macOS Keychain and never leaves your machine. Per-host certificates are generated on the fly during HTTPS interception.

4. Start Capturing Traffic

Click the Start button in the toolbar or use the keyboard shortcut. Rockxy sets itself as the system HTTP/HTTPS proxy and begins capturing traffic from all applications.
Press Cmd+Shift+R to toggle traffic capture on and off.
Open a browser or any app that makes network requests. You will see requests appear in the request list in real time.
Rockxy traffic capture view

5. Inspect a Request

Click any request in the list to open the inspector panel. The inspector has several tabs:
  • Headers — request and response headers, status code, HTTP version.
  • Body — request and response bodies with syntax highlighting for JSON, XML, HTML, and other formats.
  • Cookies — parsed cookie key-value pairs from both request and response.
  • Timing — connection timing breakdown: DNS, TLS handshake, time to first byte, total duration.
  • Raw — the complete raw HTTP message for both request and response.
For WebSocket connections, you will see individual frames listed with their opcode, direction, and payload.

6. Explore Logs and Analytics

Switch to the Logs tab in the sidebar to see captured application logs from OSLog streams and process stdout/stderr. Logs are correlated with network requests by timestamp and process, so you can trace a request from the network layer through to the application log output. Open the Errors tab to see automatically grouped error patterns across HTTP 4xx/5xx responses and log-level errors. Open the Performance tab to see latency percentiles, slow request detection, payload size tracking, and trend comparisons against previous sessions.

Next Steps

HTTPS Interception

How Rockxy decrypts TLS traffic and manages certificates.

Traffic Rules

Set breakpoints, map requests to local files, block or throttle endpoints.

Log Intelligence

Capture and correlate OSLog streams with network requests.

Error Analysis

Automatic error detection, grouping, and pattern tracking.

Keyboard Shortcuts

All available keyboard shortcuts for fast navigation.

Sessions & HAR

Save, restore, import, and export captured traffic.