Self-hosted webhook debugging and inspection. Capture, inspect, mock, and replay webhooks with real-time updates.
Patha (from Sanskrit पथ meaning "path" or "route") is a sovereign webhook ingestion, mocking, and inspection engine designed for self-hosted deployment. It's a production-grade alternative to webhook.site that prioritizes:
- Zero Dependencies: Single binary execution with embedded SQLite
- Real-time Updates: Server-Sent Events for live webhook monitoring
- Developer Ergonomics: Beautiful UI with instant payload inspection
- Security First: SSRF protection, signature verification, local-first design
- Resource Efficient: Rust + Axum for minimal memory footprint
- ✅ Dynamic Endpoint Creation: Generate unique webhook URLs on-demand
- ✅ Real-time Capture: Watch webhooks arrive in real-time via SSE
- ✅ Request Inspection: Detailed view of headers, body, query params
- ✅ Mock Responses: Configure custom responses with path matching
- ✅ Replay System: Resend captured webhooks to local servers
- ✅ Ephemeral Mode: Auto-delete data after TTL expiration
- ✅ SQLite Storage: ACID-compliant persistence with WAL mode
- ✅ Standard Webhooks signature verification: Optional HMAC-SHA256 validation
- ✅ SSRF protection: Blocks replay to private IPs and cloud metadata endpoints
- ✅ Rate limiting: 100 requests/minute per IP (configurable)
- ✅ Request size limits: Configurable payload size restrictions
- ✅ Isolated execution environment: Secure self-hosted deployment
patha/
├── apps/
│ ├── web/ # Frontend web interface (HTMX + Tailwind)
│ │ ├── public/
│ │ │ ├── index.html
│ │ │ ├── endpoint-detail.html
│ │ │ ├── request-inspector.html
│ │ │ └── css/
│ │ │ └── styles.css
│ │ ├── package.json
│ │ └── README.md
│ │
│ └── backend/ # Rust backend (Axum + SQLite) ✅
│ ├── src/
│ │ ├── main.rs
│ │ ├── handlers/
│ │ ├── models/
│ │ ├── routes/
│ │ ├── services/
│ │ └── db/
│ ├── migrations/
│ └── Cargo.toml
│
├── packages/ # Shared packages [TODO]
│ └── types/ # Shared TypeScript types
│
└── README.md # This file
The web interface is built with a Terminal Brutalism aesthetic - combining the raw, technical feel of terminal interfaces with refined modern typography and sophisticated animations.
Dashboard - Real-time Webhook Monitoring
Design System - Component Showcase
🎨 Visual Design
- Terminal-inspired color palette with warm amber/gold accents
- JetBrains Mono + Manrope typography pairing
- Scanline animations for real-time webhook arrivals
- Data-dense layouts optimized for developers
⚡ Technology Stack
- Pure HTML + HTMX 2.x for dynamic updates
- Tailwind CSS utility classes
- Server-Sent Events for real-time streams
- Zero heavy JavaScript frameworks
📱 Pages
- Dashboard - Overview of all endpoints and recent activity
- Endpoint Detail - Request history and mock rule management
- Request Inspector - Deep dive into webhook payloads
cd apps/web/public
python -m http.server 8080
# Open http://localhost:8080Webhook Sender → /b/{slug}/{*path} → Fast Path (Sync)
↓
Memory Cache
Rule Matching
↓
HTTP Response
↓
mpsc Channel
↓
Slow Path (Async)
↓
┌─────────────┴─────────────┐
↓ ↓
SQLite Write SSE Broadcast
(WAL Mode) (Live Updates)
↓ ↓
patha.db Dashboard UI
| Component | Technology | Rationale |
|---|---|---|
| Backend | Rust (Axum + Tokio) | Zero GC overhead, compile-time safety, low memory footprint |
| Database | SQLite (SQLx) | ACID compliance, embedded, single-file deployment |
| Frontend | HTMX 2.x + Tailwind CSS | Server-side rendering, minimal client JS, fast updates |
| Real-time | Server-Sent Events | Unidirectional streaming, native browser support, firewall-friendly |
| Packaging | rust-embed | Bake UI assets into binary for single-file deployment |
- Rust 1.78+ (for backend)
- Modern browser (Chrome 90+, Firefox 88+, Safari 14+)
1. Clone the repository
git clone https://github.com/yourusername/patha.git
cd patha2. Run automated setup
./scripts/setup.sh3. Start the server
make dev
# or manually:
cd apps/backend && cargo run4. Access the dashboard
http://localhost:8080
5. Send a test webhook
curl -X POST http://localhost:8080/w/test-endpoint \
-H "Content-Type: application/json" \
-d '{"event": "test", "data": "hello world"}'| Method | Endpoint | Description |
|---|---|---|
POST |
/api/v1/endpoints |
Create new endpoint |
GET |
/api/v1/endpoints |
List all endpoints |
DELETE |
/api/v1/endpoints/:id |
Delete endpoint |
GET |
/api/v1/endpoints/:id/requests |
Get request history |
POST |
/api/v1/requests/:id/replay |
Replay a request |
POST |
/api/v1/endpoints/:id/rules |
Create mock rule |
GET |
/api/v1/stream/:slug |
SSE stream for endpoint |
| Method | Endpoint | Description |
|---|---|---|
ANY |
/b/:slug |
Capture webhook |
ANY |
/b/:slug/{*subpath} |
Capture with subpath |
Environment variables:
PORT=8080
DATABASE_URL=/path/to/patha.db
EPHEMERAL_MODE=false
MAX_PAYLOAD_SIZE=10485760 # 10MB
REDIS_URL=redis://localhost:6379 # Optionaldocker build -t patha .
docker run -p 8080:8080 -v ./data:/root/data pathatunnel: your-tunnel-id
ingress:
- hostname: "*.yourdomain.com"
service: http://localhost:8080
- service: http_status:404- Web interface design
- Page templates (Dashboard, Endpoint Detail, Inspector)
- Design system and component library
- Rust backend implementation
- SQLite schema and migrations
- Basic CRUD operations
- Server-Sent Events integration
- Live webhook capture
- Request replay system (API ready)
- Mock response engine
- Standard Webhooks verification
- Advanced filtering and search
- Export to HAR/Postman/cURL
- Webhook comparison tool
- Rate limiting and quotas
- Multi-user support
- RBAC and permissions
- Audit logging
- High availability mode
- Metrics and monitoring
Contributions welcome! Please read CONTRIBUTING.md first.
MIT License - see LICENSE file for details
- Inspired by webhook.site, RequestBin, and Beeceptor
- Built with Rust, Axum, HTMX, and Tailwind CSS
- Design philosophy: Terminal Brutalism meets Refined Typography
Built with ❤️ for developers who value sovereignty