HTTPS for localhost,
with eyes on every request.

Local reverse proxy with TLS termination, custom DNS, and a terminal UI for inspecting, intercepting, and replaying HTTP traffic.

Get started View on GitHub 
$ curl -fsSL https://raw.githubusercontent.com/vandot/zlodev/main/install.sh | sh
zlodev
zlodev
STATUS running
DOMAIN dev.lo
PROXY https → 127.0.0.1:3000
CA http://dev.lo/ca
REQUESTS (7) autoscroll intercept
METHOD STATUS TIME SIZE PATH
GET 301 1ms 0B /
GET 200 3ms 4.2KB /
GET 200 5ms 18KB /assets/style.css
> POST 501 1ms 357B /api/auth/login
GET 200 24ms 1.1KB /api/user/profile
GET 304 8ms 0B /api/dashboard/stats
GET 200 1ms 766B /favicon.ico

Features

~>

HTTPS reverse proxy

TLS termination with auto-generated CA and domain certificates. Your browser sees a trusted green lock.

*.lo

Custom DNS

Resolves *.lo to localhost automatically. No /etc/hosts editing needed.

>_

Terminal UI

Live request list with method, path, status, timing, and body size. Detail view for headers and body.

||

Request interception

Hold requests before they reach your server. Inspect, edit, accept, or drop them in real time.

<r>

Replay & edit

Re-send any captured request. Edit method, path, headers, and body before replaying.

{ }

HAR export

Export captured traffic as HTTP Archive files for sharing, analysis, or import into other tools.

curl

Copy as curl

Copy any request as a ready-to-run curl command with a single keystroke.

ws://

WebSocket passthrough

Transparent proxying of WebSocket upgrades. HMR and live-reload just work.

:0

Port auto-detect

Reads .env and framework configs to find your dev server port. Zero config for most setups.

Quick start

1

Install

$ curl -fsSL https://raw.githubusercontent.com/vandot/zlodev/main/install.sh | sh
2

Set up certificates and DNS

$ zlodev install
3

Start your dev server

$ npm run dev # or whatever starts your app
4

Start zlodev

$ zlodev start

Your app is now at https://dev.lo

How it works

DNS resolver

A lightweight UDP server resolves *.lo queries to 127.0.0.1. Registers via /etc/resolver/ on macOS, systemd-resolved on Linux, and NRPT rules on Windows.

Certificate authority

On install, zlodev generates a local CA and domain certificate using OpenSSL. The CA is added to your system trust store, unique to your machine.

TLS proxy

An HTTPS reverse proxy on port 443 terminates TLS, forwards plain HTTP to your dev server, and relays responses back over the encrypted connection.

HTTP server

A plain HTTP server on port 80 serves the CA certificate download page for mobile devices and redirects other traffic to HTTPS.

Options

Local network / mDNS

Use -l to bind to .local via mDNS. Access your dev server from mobile devices on the same network.

Headless mode

Run with --no-tui for script and CI usage. Logs go to stderr instead of the terminal UI.

Max body control

Set --max-body=50M to control how large a request body the proxy will accept. Supports K, M, G suffixes.

Cross-platform

Works on macOS, Linux, and Windows. Written in Zig with OpenSSL 3 for TLS. Single binary, no runtime dependencies.