DebugProbe.AspNetCore is a lightweight ASP.NET Core debugging tool for inspecting HTTP traffic directly inside your application.
It captures request and response data, exposes a local dashboard, and helps compare traces across environments so you can spot differences between local, staging, and other API runs.
- Website: debugprobe.dev
- Documentation: debugprobe.dev/docs
- Roadmap: Roadmap.md
- Live demo: demo.debugprobe.dev/debug
- Demo API: demo.debugprobe.dev/swagger
- NuGet: DebugProbe.AspNetCore
dotnet add package DebugProbe.AspNetCorebuilder.Services.AddDebugProbe();
app.UseDebugProbe();Start your application and open:
http://localhost:{port}/debugIn Production, DebugProbe captures traces but does not register UI endpoints unless explicitly enabled.
builder.Services.AddDebugProbe(options =>
{
options.MaxEntries = 10;
options.MaxBodyCaptureSizeKb = 256;
options.AllowLocalCompareTargets = true;
options.AllowUiInProduction = false;
options.CaptureOutgoingHttpClientRequests = true;
options.IgnorePaths =
[
"/api/auth/login",
"/api/auth/refresh"
];
options.RedactedHeaders =
[
..options.RedactedHeaders,
"X-Api-Key",
"X-Auth-Token"
];
options.RedactedQueryParameters =
[
"api_key",
"access_token"
];
options.RedactedJsonFields =
[
"password",
"refreshToken"
];
});
app.UseDebugProbe();- Request inspection
- Response inspection
- Headers, query string, and body capture
- Error visibility
- Local debugging dashboard
- Trace comparison across runs or environments
- JSON formatting for captured payloads
- Configurable body capture limits
- Ignored path configuration for noisy or sensitive endpoints
- Configurable redaction for sensitive headers, query parameters, and JSON fields
- Optional outgoing
HttpClientrequest tracing
DebugProbe can compare a local trace with a trace captured by another DebugProbe-enabled application.
Typical workflow:
- Run both applications with DebugProbe enabled.
- Open the local dashboard at
/debug. - Open the trace you want to compare.
- Use the compare action and provide the remote application's base URL and trace ID.
Compare is useful when checking differences between local and remote environments, repeated runs, or two versions of the same API flow.
Dynamic values such as IDs, timestamps, tokens, and selected headers are normalized so the compare view focuses on meaningful request and response differences.
DebugProbe UI endpoints are disabled by default in Production. Capture and trace storage continue to run, but the dashboard, trace viewer, compare UI, UI assets, and UI clear action are not registered unless explicitly enabled:
builder.Services.AddDebugProbe(options =>
{
options.AllowUiInProduction = true;
});DebugProbe masks common sensitive headers automatically:
AuthorizationCookieSet-Cookie
You can also configure application-specific values to redact before traces are stored:
builder.Services.AddDebugProbe(options =>
{
options.RedactedHeaders =
[
..options.RedactedHeaders,
"X-Api-Key",
"Client-Secret"
];
options.RedactedQueryParameters = ["token", "api_key", "access_token"];
options.RedactedJsonFields = ["password", "secret", "refreshToken"];
});DebugProbe is designed primarily for local development and controlled development environments.
If you use it outside local development, protect the dashboard with authentication, restrict network access, and avoid capturing sensitive endpoints or payloads.
For full setup details, screenshots, dashboard behavior, configuration options, and live examples, see the documentation:
Contributions are welcome. Please read CONTRIBUTING.md before opening an issue or pull request.
DebugProbe.AspNetCore is licensed under the Apache License 2.0.