Docs / Getting started / FoxyProxy

Guide Browser routing

Use FoxyProxy with Crusader

~6 min · optional browser extension · Free

The short version. Use Crusader's built-in test browser first. It launches a Chromium-family browser in an isolated profile, routes it to Crusader automatically, trusts the Crusader CA without changing your daily browser, and is the path we recommend for WAF-sensitive testing. FoxyProxy is still useful when you want manual browser control, URL patterns, per-tab or per-container routing, or a quick toggle in your normal browser. In Crusader testing, some FoxyProxy-routed browser sessions triggered WAF or bot controls that the built-in test browser did not, so treat FoxyProxy as a convenience workflow, not the cleanest fingerprint workflow.

01When to use FoxyProxy

FoxyProxy is a browser extension for switching a browser across one or more proxy servers. It is convenient if you already use a daily browser profile for testing, need URL-pattern rules, want to proxy one browser tab differently from another, or use Firefox containers and private windows during a test.

It is not the best default for fingerprint-sensitive work. The extension changes how the browser is routed, but it does not make the browser look more natural to a WAF. For Crusader, the built-in test browser is the recommended baseline because it starts a controlled Chromium profile with known proxy and certificate settings, and Crusader's browser-oriented transport has better JA3 and browser-like behavior in the cases we test. If a site reacts differently under FoxyProxy, reproduce the test in the built-in browser before calling it a security finding.

Use thisWhen
Built-in test browserFirst capture, WAF-sensitive flows, login journeys, bot-sensitive targets, and anything where TLS/browser fingerprint parity matters.
FoxyProxyManual routing in your normal browser, URL pattern routing, Firefox containers, per-tab experiments, and quick proxy on/off toggles.

Do not use a WAF block caused only by FoxyProxy as proof of target behavior. Confirm through Crusader's built-in browser or another clean baseline first.

02Start Crusader and note the listener

Open Crusader and confirm the proxy status pill is green. The default listener is 127.0.0.1:8080. If another process already owns 8080, Crusader auto-heals to a nearby free port and reports the actual value, such as 127.0.0.1:8081.

Use the exact host and port Crusader reports. FoxyProxy does not start Crusader for you, and it will silently fail if it points to the wrong port.

03Download FoxyProxy

Install FoxyProxy only from official sources or browser stores. The main FoxyProxy download page links the current browser versions, and the extension source for version 8 and newer is public on GitHub.

After install, pin the FoxyProxy icon to the browser toolbar so you can see when it is active and turn it off cleanly when the test is done.

04Configure the proxy entry

  1. Open the FoxyProxy extension and choose Options or Manage Proxies.
  2. Add a new proxy named Crusader.
  3. Set proxy type to HTTP.
  4. Set host to 127.0.0.1.
  5. Set port to the Crusader listener port, usually 8080.
  6. Leave username and password blank unless you put another proxy in front of Crusader. Crusader's local listener does not require proxy authentication.
  7. Save the proxy.

For a first check, select the Crusader proxy for all URLs. Once capture works, switch to URL patterns if you only want target traffic routed through Crusader. A simple target pattern looks like *://*.example.com/*.

05Trust the CA

Proxy routing and certificate trust are separate. FoxyProxy can send HTTPS traffic to Crusader, but the browser still has to trust the Crusader root CA or HTTPS pages will fail with certificate warnings.

Use the CA wizard in Crusader, or follow Trust the Crusader CA. For Chrome, Edge, Brave, and most Chromium browsers, OS trust is usually enough. Firefox can use its own certificate store, so confirm Firefox trusts the CA before testing HTTPS targets.

If you do not want to modify your browser or OS trust store, use Open test browser in Crusader instead. It uses an isolated profile and trusts Crusader by pin without changing your daily browser.

06Verify capture

  1. Enable the Crusader proxy in FoxyProxy.
  2. Open a target you are authorized to test.
  3. Open Crusader History.
  4. Confirm the request appears with the expected host, method, status, headers, and response.

After verification, set Target scope so Crusader stores and surfaces the hosts you actually intend to test.

07Troubleshooting

SymptomCheck
No traffic in HistoryMake sure the Crusader proxy is active, FoxyProxy is enabled, and the FoxyProxy port matches the port Crusader reports.
HTTPS certificate errorsTrust the Crusader CA for that browser. Firefox may need explicit browser-store trust even when the OS store is correct.
Site behaves differently or WAF blocksRetest in Crusader's built-in test browser. FoxyProxy is useful, but in our testing it can trigger some WAF/bot paths that the built-in browser does not.
Browser stops loading after Crusader closesTurn FoxyProxy off or switch it back to direct connection. The browser is still pointing at a local proxy that is no longer listening.
Only some URLs are capturedReview FoxyProxy patterns. Start with all URLs, then narrow to target patterns after capture works.

Keep testing authorized and scoped. FoxyProxy is just a routing switch; Crusader's scope and safety model still applies once traffic reaches the app.

Want a guide that isn't here yet? Email [email protected].