Cellist takes a tad bit of work to get going. It works so just keep plugging at your settings.
If you have any issues with your Keychain files, you can have a problem with HTTPS with Cellist. Use Keychain First Aid to potentially fix. After some repair to my system, Cellist is now working nicely, sniffing both HTTP and HTTPS. I set up a special “Location” under “Network” in the Settings app called “Cellist” and set the proxy settings there. When I need Cellist to capture data, I switch to that setting, launch Cellist, and capture. Then I switch back while Cellist is up so I can analize what I have captured and craft code based upon the info in Cellist.
If you are relegated to screen scraping / web scraping to develop an API for a system on the web that offers no API, this tool is invaluable, although not perfect.
It would be nice if the tool could export beyond copy/paste. It would be good if the column where the Request Body shows “Name” and “Value” could be resized directly instead of indirectly by changing the window size and sizes of other non-related columns in the display to force the “Name” larger so you can see the variable name from forms.
From A UI perspective, Cellist should not show HTTPS in the “Protocols” display if it is not selected in the preferences. Just best practice. It should also give some indication capture or failure to capture… some kind of an activity meter would be nice.
Keep in mind that Cellist can and does capture any password being used across HTTPS for any bank account, paypal account, history updates in Safari. Cellist needs to be thoroughly checked out at the traffic level to ensure that no sensitive information is being surreptitiously exfiltrated from your system… You are really putting your trust in Chi Wang by running Cellist…
Cellist can only be run for a little while before it crashes. Get used to taking screen snapshots of what Cellist displays before it crashes...