Chrome Extension + Python

GHL Sniffer

Capture every GoHighLevel API call. Analyze, audit, and map endpoints — all from one Chrome extension.

330+
API Calls Captured
91
Unique Endpoints
13
Categories Mapped
Process

How It Works

Three steps from raw network traffic to clean, actionable intelligence.

01 / CAPTURE
Capture
Chrome extension silently intercepts every API call as you navigate GHL — workflows, contacts, funnels, and more. Runs entirely in the background with zero UI friction.
02 / ANALYZE
Analyze
Python CLI runs backup, audit, and endpoint mapping on the exported JSON. Outputs security reports, performance percentiles, and a deduplicated endpoint catalog.
03 / SECURE
Secure
Auto-redacts JWT tokens and sensitive headers before any export or sharing. Flagged requests are logged with remediation steps — never silently dropped.
Capabilities

What You Get

Three powerful Python commands that turn raw API logs into clean deliverables.

backup
Backup & Sanitize
Exports a clean, redacted copy of your harvest file — safe to share or commit.
  • Strips raw JWT tokens from all headers
  • Adds metadata header with timestamp + record count
  • Saves to timestamped JSON backup file
  • Logs redaction count per run
audit
Security + Performance Audit
Generates a 4-section terminal report covering security exposure, latency data, and anomalies.
  • Summary: total records, session duration, categories
  • Security flags: exposed JWT count, error rate
  • Latency percentiles: P50, P95, P99
  • Anomaly detection: slow requests, HTTP errors
endpoints
Endpoint Map
Builds a deduplicated catalog of every internal GHL endpoint you've hit, grouped by category.
  • 91 unique endpoints discovered across 13 categories
  • Grouped: Workflows, Funnels, Contacts, Billing, and more
  • Outputs Markdown, JSON, or CSV
  • Call count + avg latency per endpoint
Live Demo

Sample Audit Output

What the Python CLI prints after running python harvester.py audit.

ghl-api-harvest-2026-04-17.json 
================================================================
  GHL API HARVEST — AUDIT REPORT
  Generated: 2026-04-17 21:30 PHT
  Source:    ghl-api-harvest-2026-04-17.json
================================================================

## 1. SUMMARY
  Total records:     330
  Time range:        2026-04-17 19:42 → 21:18 PHT
  Session duration:  96 min
  Categories:        13
    Workflows              87 calls
    Funnels                52 calls
    Other                  88 calls

## 2. SECURITY FLAGS
  ⚠  EXPOSED JWT TOKENS: 287 requests contain raw JWTs
     → Run 'backup' command to create a redacted copy
  ✓  Error rate: 12/330 (3.6%)

## 3. PERFORMANCE
  Latency percentiles:
    P50:    312 ms
    P95:    2847 ms
    P99:    4521 ms
Built with Chrome Extension Manifest V3 Python 3.11 JSON Git

All Endpoints