Skip to content

Flytrap

Webhook inspector, debugger, and chaos tester

A web catch-all for incoming webhooks with live display, paginated history, HMAC verification, and rejection-mode chaos testing.

Try live demo REST API docs Pricing
  • Docker container
  • Kubernetes Helm chart
  • 3 auth methods
  • 1 cache engine
  • 4 languages (EN, FR, ES, PT)
  • REST API + OpenAPI 3.0.3
  • Realtime WebSocket channels
  • MCP server for AI agents
  • Single Go binary — zero external deps
  • Stateless horizontal scale
Flytrap screenshot

Flytrap is your webhook debugger — capture any POST/PUT/PATCH/DELETE to any path, inspect headers and body, and verify HMAC signatures. Live view shows the latest webhook in real time. History pages through every capture. Rejection mode lets you chaos-test how senders handle failure (random 4xx/5xx, CORS simulation, custom statuses). Indispensable during integration work.

Flytrap
What it does

Key features

Catch-all handler for any path and HTTP method

Live view with real-time display of the latest webhook

Paginated history browser with search and filtering

Full header and body inspection with JSON pretty-printing

HMAC signature verification with configurable secret and header

Rejection mode (chaos testing) with random or fixed status codes

TTL-based auto-cleanup (default 12 hours)

Pause/resume polling for high-traffic debugging

Optional HTTP Basic and Bearer token auth

Flytrap
Why it's different

Where it goes beyond the obvious

Rejection mode for chaos testing webhook handlers without code changes

Real-time Redis-backed capture without a database dependency

Signature verification logging for HMAC debugging

Tech highlights

  • Storage: Redis with configurable TTL
  • Auth: HTTP Basic (optional), Bearer token (optional)
  • No database required — Redis only

Built on

Redis (go-redis v9)Centrifugemark3labs/mcp-go

REST API surface

  • {POST|PUT|PATCH|DELETE} /{any-path} Catch a webhook
  • GET /webhooks Paginated history with search
  • GET /webhooks/{id} One capture
  • GET /latest Most recent webhook
  • GET /settings Current mode, HMAC secret, rejection config
  • PUT /settings Switch to rejection mode live
  • GET /tail Runtime log stream

Full spec at GET /openapi — Swagger UI at /swagger/

Your infrastructure

Backends you can actually pick from.

This service speaks the backends below natively. Swap with a single environment variable.

Cache

  • Redis

Auth

  • Bearer token
  • HTTP Basic
  • LDAP

Realtime

  • Centrifuge WebSocket
Where it fits

Use cases

Testing webhook integrations during development

Debugging why a third-party webhook is failing

Understanding unknown webhook payloads and timing

Chaos testing how apps handle webhook failures

Capturing webhook traffic for compliance review

vs Webhook inspection and testing

Flytrap vs webhook.site, RequestBin (Pipedream), Hookdeck

A private webhook inspector that doesn't send your payloads to a third party

Compare head-to-head
Patterns

Architecture patterns featuring this service

Ship an internal platform without building plumbing

Hand your team a production-grade platform on day one: object storage, queues, auth, observability — all self-hosted, all wired to the same contract.

Debug webhooks in CI and production

Flytrap captures every webhook, verifies HMAC signatures, and simulates failure so you can test how senders behave.
Ready when you are

Deploy Flytrap. Today.

One Docker image. One compose stack. One afternoon to production. Flytrap is waiting.

See pricing Browse more services