Critical-risk tools in Proxy
11 of the 89 tools in Proxy are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
interceptor_docker_detachDestructiveRemove proxy configuration from a Docker container and clean up injected files.
-
proxy_clear_trafficDestructiveClear all captured traffic from the buffer.
-
proxy_delete_sessionDestructiveDelete a recorded session from disk.
-
proxy_remove_host_upstreamDestructiveRemove a per-host upstream proxy override.
-
proxy_remove_ruleDestructiveDelete an interception rule.
-
proxy_session_stopDestructiveStop persistent on-disk capture and finalize the active session.
-
interceptor_deactivate_allDestructiveKill ALL active interceptors across all types. Emergency cleanup — stops all browser instances, kills spawned processes, removes ADB tunnels, detaches Frida, cleans Docker.
-
interceptor_killDestructiveKill a spawned process by target ID. Also retrieves final stdout/stderr output.
-
proxy_mobile_teardownDestructiveReverse proxy_mobile_setup: deactivate the Android target if any, stop the transparent + explicit listeners, and emit a sudo-runnable script that removes the iptables rules and ...
-
interceptor_browser_closeDestructiveClose a browser instance launched by interceptor_browser_launch (or interceptor_camoufox_launch).
-
interceptor_camoufox_closeDestructiveClose a camoufox instance launched by interceptor_camoufox_launch. Kills the Python launcher, removes the temp launcher dir, and removes the NSS profile dir if one was created.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.