NoSnoop Find out if your HTTPS traffic is being monitored


NoSnoop is a standalone, browser-independent application that aims to detect ongoing Man-in-the-Middle (MITM) attacks. To do so, it will connect to a set of 250 major websites and examine the certificate chains used by each connection. An alert will be raised for each unexpected certificate detected.

NoSnoop will reveal obvious MITM cases (such as interception by a local proxy server, your employer's SSL inspection gateways, or a malware infection), as well as more advanced attacks (for instance, if the root cert is valid but issued by an unexpected organization or country).

An entire scan typically takes less than 30 seconds.

Wait, how does this differ from RCC and SigCheck?

RCC and Microsoft's SigCheck are both command-line tools that perform a static, offline check on the local certificate store. NoSnoop is a dynamic scanner that performs true SSL handshakes and analyzes the certificates your computer receives when connecting to popular websites.


Quick start

No installation needed! Just unzip to any folder, and launch.

Any alerts will be flagged in red.
A cert is marked as "triple-trusted" if it is found in all 3 major trust stores (Microsoft, Mozila, and Google).
This early release is free for use.
As it is a beta, bugs and/or false positive detections should be expected.
Note that NoSnoop might become part of a broader Web PKI product in the near future.


● Windows 7 or later
● 1MB disk space


I am an infosec expert with 15 years of experience within various large organizations in technology, government and finance. Over the years, I have also released a number of Windows tools aimed at improving online security and privacy.


NoSnoop contains no adware, malware or sponsored content of any sort.

This website does not collect any personal information.

FAQ (Coming soon)