API Inspector
Built by Cloud Geeks · Sydney
Intercept XHR & fetch calls in a clean DevTools panel. Request/response viewer with filtering, search, and export — built for the OWASP API Security Top 10 reality.
Three things, executed cleanly.
Built because Chrome's Network panel is too noisy when you only care about API calls and the responses behind them.
Intercepts XHR & fetch
Every fetch() and XMLHttpRequest on the page is captured with method, URL, status, headers, and response body up to 5KB.
Search & status filters
Filter by URL pattern, status code (4xx/5xx), or method. Find the verbose-error response that broke staging in seconds.
Export to JSON / cURL
Right-click any request to copy as cURL, save the response as JSON, or open in DevTools' native Network tab for deeper inspection.
Auditing your own APIs & debugging the third-party ones.
- Spotting verbose error messages that leak stack traces (OWASP API8:2023).
- Catching authorization headers and tokens that shouldn't be in the response body.
- Auditing third-party SaaS dashboards your team uses, before signing the contract.
- Building integrations: replay an API call from the dashboard as a runnable cURL.
Built by the team running Sydney IT and security.
Cloud Geeks runs managed IT, cloud (AWS / Azure / GCP) and cybersecurity for Sydney SMEs — from AUD 80/seat per month, cloud migrations between AUD 5,000 and 50,000, and security audits from AUD 2,500.
We built API Inspector because every client engagement involves verifying somebody else's API responses, network exposure, headers, or token handling — and a clean Chrome panel was faster than rummaging through DevTools every time.
If you'd rather have someone audit your stack and run it for you, that's our day job. Book a free IT & security review →