Security News
MCP Steering Committee Launches Official MCP Registry in Preview
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
By Sarah Gooding - Sep 09, 2025
@pb33f/wiretap
Advanced tools
@pb33f/wiretap
The world's coolest OpenAPI contract compliance API Proxy testing tool.
wiretap
A local and pipeline based tool to sniff API request and responses from clients and servers to detect OpenAPI contract violations and compliance.
A shift left tool, for those who want to know if their applications are actually compliant with an API.
This is an early tool and in active development, Why not try it out and give us some feedback?
Read the quickstart guide
Install wiretap for your platform
Installing using homebrew
The easiest way to install wiretap is to use homebrew if you're on OSX or Linux.
We have our own tap available that gives the latest and greatest version.
brew install pb33f/taps/wiretap
Installing using npm or yarn
Building a JavaScript / TypeScript application? No problem, grab your copy of wiretap using your preference
of yarn or npm.
yarn add global @pb33f/wiretap
or...
npm -i -g @pb33f/wiretap
Installing using cURL
Do you want to use wiretap in a linux only or CI/CD pipeline or workflow? Or you don't want to/can't use
a package manager like brew?
No problem. Use cURL to download and run our installer script.
curl -fsSL https://pb33f.io/wiretap/install.sh | sh
Installing/running using Docker
Love containers? Don't want to install anything? No problem, use our Docker image.
docker pull pb33f/wiretap
docker run -p 9090:9090 -p 9091:9091 -p 9092:9092 --rm -v \
$PWD:/work:rw pb33f/wiretap -u https://somehostoutthere.com
We enable the following default ports 9090, 9091, and 9092 for the daemon, monitor, and websockets used
by ranch respectively.
Installing on Windows
To grab your copy of wiretap for Windows, you can pull it from the
latest releases on github
and download the Windows version for your CPU type.
Running wiretap
To get up and running with the absolute defaults (which is to sniff all traffic on port 9090)
and proxy to https://api.pb33f.com you can run the following command.
wiretap -u https://api.pb33f.com
Adding an OpenAPI contract
wiretap -u https://api.pb33f.com -s my-openapi-spec.yaml
Documentation
FAQs
The world's coolest OpenAPI contract compliance API Proxy testing tool.
The npm package @pb33f/wiretap receives a total of 4,210 weekly downloads. As such, @pb33f/wiretap popularity was classified as popular.
We found that @pb33f/wiretap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 22 May 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Pull Request Stories to Help Security Teams Track Supply Chain Risks
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.
By André Staltz - Sep 08, 2025
Research
/Security News
npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
By Sarah Gooding, Olivia Brown, Kush Pandya, Philipp Burckhardt, Peter van der Zee, Douglas Coburn - Sep 08, 2025