ProxyTool Documentation

ProxyTool is a Windows desktop application that routes your internet traffic through proxy servers at the kernel level. It intercepts connections using a WFP (Windows Filtering Platform) driver, giving you full control over which applications use which proxy — without modifying individual app settings.

Quick Setup (3 Steps)

• Add a proxy — Enter your proxy server details (host, port, protocol) or paste a proxy string
• Create a routing rule — Choose which applications or traffic should use the proxy
• Activate — Traffic is immediately routed through the proxy

Overview Chains & Bandwidth Live Connections Live Logs Customize

‹ ›

Dashboard overview with stat cards, proxy list, and routing rules

1 / 5

Dashboard at a Glance

The Dashboard is your central hub — it shows everything happening on your network in real time. Here's what each section does:

Customize Your Dashboard

Click Customize in the top-right corner to enter edit mode. A toolbar appears at the top of the dashboard where you can control every section individually.

Stat Cards

Toggle each metric card on or off — disabled cards are hidden from the dashboard entirely.

Widget Panels

Each widget panel represents a major dashboard section. Disable panels you don't need to keep things focused.

Layout Options

• Connections Height — Choose between 280px, 400px, 520px, 640px, or 760px to control how many connection rows are visible without scrolling
• Reorder — Drag the arrow handles between stat cards to rearrange their order
• Fine-tuning — Drag the grip under the Connections panel to adjust its height precisely

Click Done to save your layout. Use Reset All to restore the default arrangement, or Clear to remove all customizations and start fresh.

Click Add Proxy on the Proxies page to open the configuration dialog. You can either fill in fields manually or paste a proxy string for instant setup.

Server Details HTTP / HTTPS SOCKS4 SOCKS5 Auth HTTP/S Auth & DNS Auth SOCKS5 User-Agent Advanced

‹ ›

Server Details — common to all protocols: name, host, port, and type selector

1 / 9

Server Details

These fields are identical for every proxy type. Enter address details manually or use Quick Add: paste a proxy string (e.g. socks5://host:port:user:pass) or a curl -x command and all fields auto-fill instantly.

Options by Protocol

The options shown below the protocol selector differ depending on the type you choose. Use the carousel tabs above to compare each protocol side by side.

Authentication Details

Toggle Requires Authentication (or User Identification for SOCKS4) to reveal credential fields. The layout changes per protocol:

Send User-Agent (HTTP / HTTPS only)

When enabled, ProxyTool adds a User-Agent header to the HTTP CONNECT handshake. Some proxies require this to allow the connection. A default Chrome 131 string is pre-filled, but you can set any custom value. This option does not appear for SOCKS4 or SOCKS5 because these protocols do not use HTTP headers.

SOCKS4a Extension (SOCKS4 only)

Standard SOCKS4 resolves hostnames locally before forwarding — which leaks DNS queries. With SOCKS4a enabled, the hostname is sent to the proxy for remote resolution, keeping your DNS private.

Cost per GB

Available for all protocol types. Enter your cost rate (e.g. $2.50 /GB) to enable real-time cost tracking in the Connection Monitor — especially useful for residential or metered proxies.

Expand the Advanced Options section in the Add Proxy dialog to access these settings. They apply to all proxy types unless noted.

Inline Proxy Checker

Before saving, click Check to verify connectivity. The checker runs a multi-step test against a configurable target (default: google.com):

• Proxy connection — TCP connect to the proxy server, measures latency
• HTTPS handshake — Sends the CONNECT request to the proxy
• Authentication — Handles proxy auth (407 response → sends credentials)
• Credential check — Verifies credentials were accepted (HTTP 200)
• Target connection — Reaches the target through the proxy end-to-end

All steps show a green checkmark on success with detailed status messages. The total latency is displayed at the top right (e.g. 99 ms), and a summary line confirms the result: PASSED — All tests OK.

Inline Proxy Checker — all 5 tests passed (99 ms latency) with target google.com · Click to enlarge

The Proxies page displays all configured proxy servers in a sortable table with real-time status indicators.

Proxies — Server list with protocol, address, location, latency, and quick actions · Click to enlarge

Table Columns

Filters & Search

• Search — Filter by name, address, or location
• Type filter — All / HTTP / HTTPS / SOCKS4 / SOCKS5
• Status filter — All / Active / Inactive

Actions

• Toggle — Activates/deactivates the proxy (starts or stops the bridge)
• Edit — Reopens the Add Proxy dialog in edit mode with all fields pre-filled
• Delete — Stops the proxy if active, then removes it. Shows a warning if the proxy is used in chains or rules
• Test — Runs the connectivity checker without opening the dialog

Rules determine which traffic goes through which proxy (or chain), goes direct, or gets blocked. They are evaluated top-to-bottom by priority — the first matching rule wins. Click + Add Rule to open the configuration dialog.

Overview Rule Setup Protocol Direct Proxy Chain Block Advanced

‹ ›

Rules overview — 3 rules with priority ordering, on/off toggles, and action badges

1 / 8

Rules Overview

The Rules page lists all configured routing rules with their priority number, action badge (Proxy / Direct / Block), on/off toggle, and summary tags showing matched apps, hosts, ports, and protocol. Use the up/down arrows on the right to reorder priorities — the first matching rule wins.

Rule Setup

The top half of the dialog defines what traffic this rule matches. All four criteria are optional — leave a field empty (or *) to match everything.

Protocol

Select which transport protocol this rule applies to. The dropdown offers TCP, UDP, or BOTH. Note that UDP routing requires a SOCKS5 proxy — HTTP and SOCKS4 proxies only support TCP.

Actions

The Action dropdown defines how matched traffic is routed. Each action type shows different follow-up options:

When selecting Proxy, the dropdown lists all configured servers with their protocol badge (HTTPS, SOCKS5). When selecting Chain, you choose from your configured chain setups (Load Balancing, Redundancy, Simple).

Priority & Enable

Every rule has a Priority level (1 = lowest, 10 = highest). Higher priority rules are evaluated first. The Enable this rule immediately toggle (on by default) activates the rule right after creation — disable it to save a rule for later use.

Expand Advanced Options at the bottom of the Add Rule dialog (available for Proxy and Chain actions) to access network interface control and IPv6 settings.

Proxy chains combine multiple proxies into a single routing target. ProxyTool supports three chain types — Simple (sequential multi-hop), Redundancy (automatic failover), and Load Balancing (random distribution). Click + Add Chain to open the configuration dialog.

Overview Chain Setup Simple Redundancy Load Balancing Proxy Selection Chain Order

‹ ›

Chains overview — 3 chains with type badges, route visualization, and per-proxy health checks

1 / 7

Chains Overview

The Chains page lists all configured chains with their type badge (Simple, Load Balancing, Redundancy), proxy count, and a route visualization showing the traffic path (e.g. Static Test Proxy → TestProxy1). Expand a chain to see per-proxy health status with test results and latency.

Chain Setup

Enter a Chain Name, then select one of the three chain types. Each type shows its own configuration options below the selector. The Available Proxies panel lists all configured proxy servers — click the + button next to a proxy to add it to the chain.

Simple Sequential Chain

Routes traffic through every proxy in order as a true multi-hop chain. Each proxy becomes a hop between your device and the destination. Adds latency but increases anonymity. The order you set in the Chain Order section determines the hop sequence.

Redundancy Failover Chain

Uses one proxy at a time from the ordered list. Tries the first enabled proxy; if it fails validation within the timeout, automatically switches to the next.

Load Balancing Random Distribution

Distributes connections across multiple parallel proxies. Each new connection gets assigned a random proxy from the pool.

Steps

• 1. Name your chain — Enter a descriptive name (e.g. "Secure Multi-Hop")
• 2. Select chain type — Simple, Redundancy, or Load Balancing — each shows its own configuration options
• 3. Add proxies — Click the + button next to a proxy in the "Available Proxies" panel. Proxies show their protocol badge (HTTPS, SOCKS5) and can only appear once per chain.
• 4. Set order — In the Chain Order section, use the ▲ ▼ arrow buttons to move proxies up or down. Traffic flows top to bottom. Click ✕ to remove a proxy from the chain.
• 5. Configure options — Set type-specific options (timeout for Redundancy, PID stickiness for Load Balancing)
• 6. Save — Click Add Chain. Assign the chain to a routing rule to start using it.

Chain Order

The Chain Order section shows all added proxies as numbered cards. Each card displays the proxy name, address, and protocol badge. Use the ▲ (up) and ▼ (down) arrow buttons to reorder — traffic flows from position 1 downward. A visual arrow connects the hops to illustrate the routing path. The counter (e.g. 2 proxies) shows how many are in the chain, with a minimum of 2 required.

Chain List Features

• Type badge — Color-coded: Simple, Load Balancing, Redundancy
• Route visualization — Shows the proxy flow: Proxy A → Proxy B → ...
• Per-proxy health — Expand a chain to see individual proxy test results with latency, e.g. PASSED — All tests OK (98 ms)
• Edit / Delete — Edit reopens the dialog, Delete removes the chain. Shows a warning if the chain is used in routing rules.

The DNS page controls how hostnames are resolved and provides leak-prevention features that keep your real IP address hidden. Three tabs at the top let you switch between detection modes, while the settings below fine-tune privacy behaviour.

Overview Resolve via Proxy

‹ ›

Current DNS Mode

The status badge in the top-right corner (Local DNS or Via Proxy) shows the active resolution path at a glance. Three tabs below it control the detection mode:

Proxifier DNS Settings

Two toggles control the connection between auto-detection and proxy resolution:

• Detect DNS settings automatically — monitors network conditions and switches DNS mode when local DNS becomes unavailable (on by default)
• Resolve hostnames through proxy — sends all DNS queries through the proxy server instead of local DNS. When enabled, the badge changes to Via Proxy and the detection tab switches to Manual / Proxy

Scroll down on the DNS page to find the IP Protection panel. These settings prevent traffic from leaking outside the proxy when the operating system or applications attempt alternative network paths. You can enable everything at once or pick individual modules in custom mode.

The Traffic Monitor page is your real-time command center for network visibility. Two tabs at the top — Analytics and Connections — let you switch between high-level insights and a detailed connection table. Use Freeze to pause all counters for analysis, or Clear to reset session data.

Overview Shield & Health Shield Detail Domain Intel Forensics: Domains Forensics: By Proxy Protocol

‹ ›

Summary Cards

Four cards at the top provide session-level metrics at a glance:

Analytics Tab

The Analytics tab organizes traffic data into several cards that scroll vertically:

Connections Tab

The Connections tab shows a live table of every active and recent connection:

Connection Forensics

Scroll down in the Connections tab to find Connection Forensics. Two sub-tabs — Domains and By Proxy — provide deep analysis:

• Domains — Shows all contacted domains with request count and traffic percentage. The overall block rate is displayed in the header
• By Proxy — Expand each proxy to see success rate, block rate, wasted data, and blocked domains with frequency

Cost Overview

Overview By Proxy By Domain By Process

‹ ›

The Cost Overview card calculates real-time proxy expenses based on the per-GB rate you set on each proxy. The total cost badge (e.g. $0.2298 total) appears in the top-right corner. Four tabs let you slice the data differently:

• Overview — Unified ranking of all proxies, processes, and domains sorted by traffic. Each entry shows a type badge (Proxy / Process / Domain), traffic volume, and cost
• By Proxy — Traffic and cost per proxy endpoint with connection count breakdown
• By Domain — Ranked list of domains by traffic, useful for identifying bandwidth-heavy sites
• By Process — Per-application cost breakdown so you can see which processes generate the most proxy traffic

Cost Optimization

Overview By Proxy By Domain By Process

‹ ›

The Cost Optimization card identifies wasted proxy traffic — connections that were blocked or failed (RST) but still consumed bandwidth. The badge (e.g. $0.0002 wasted) highlights the total wasted cost. Click any entry to expand details:

• Overview — Ranked list of domains with wasted bytes, associated proxy and process, and cost per entry
• By Proxy — Click a proxy to see its top wasted domains and processes. Shows total block count, success rate, and block rate per proxy
• By Domain — Wasted traffic grouped by domain name
• By Process — Wasted traffic grouped by application (e.g. msedge.exe, chrome.exe)

ProxyTool monitors TLS Client Hello packets and compares JA3 fingerprint hashes against a known database. When a connection's fingerprint indicates a potentially detectable automation tool, a warning card appears in the Analytics tab with fix suggestions.

In this example, curl.exe was flagged as DETECTABLE because its TLS fingerprint does not match any known browser. The warning card explains that anti-bot systems like Cloudflare, Akamai, and DataDome compare JA3 hashes against known browsers, and suggests using curl_cffi, Camoufox, or Playwright with stealth plugins instead.

The warning panel shows: process name, number of flagged connections, affected domains (last 5), and process-specific suggestions for fixing the fingerprint.

If you've configured a Cost per GB rate on your proxies, the Monitoring page calculates real-time spending based on actual traffic.

How Cost Is Calculated

• Calculated per proxy based on the rate set in the proxy's configuration
• Includes both upload and download bytes
• Displayed with up to 6 decimal places for precision on small transfers
• Visible in Security Shield events and the Cost Optimization card

Cost Optimization

When you have at least 5 proxied connections, the analytics tab shows a Cost Optimization card that breaks down wasted bandwidth by proxy, domain, and process — helping you identify where to reduce costs.

The Settings page provides centralized control over subscription management, appearance, system behavior, privacy, and diagnostics. A search bar at the top filters settings in real time — type any keyword to locate and navigate directly to the matching setting.

Subscription Appearance & System Monitoring & Safety

‹ ›

Subscription — Plan, devices, and account management

1 / 3

Settings Search

The search bar at the top of the Settings page provides instant filtering. Typing a keyword (e.g. "tray", "DNS", "encryption") highlights and scrolls to the matching setting, making it easy to locate options without browsing through tabs.

Subscription

General

Safety

Diagnostics

Profiles save your complete configuration (proxies, chains, rules, DNS settings) as portable .ppx files. You can maintain multiple profiles and switch between them.

Profiles Overview Auto Update Encryption & Files

‹ ›

Profiles — Active profile, saved profiles, and migration tools

1 / 3

Active Profile

The current workspace is auto-saved continuously. To persist a configuration as a named profile, use Save As. The active profile name is displayed at the top of the Profiles tab. Additional controls include:

• New Blank — Reset to a clean empty configuration
• Save As — Save current workspace as a named profile
• Import — Load a .ppx file from disk (or a Proxifier .ppx/.xml)
• Export — Save the current configuration to a file for sharing or backup

Saved Profiles

All saved profiles appear in a list below the active profile. Each entry shows the profile name and provides Load and Delete actions. The currently active profile is highlighted. Loading a profile replaces the entire active workspace configuration.

Profile Auto Update

Profiles can be fetched automatically from a remote server. This is useful for team deployments or managed environments where configuration changes need to propagate to all devices.

Password Encryption

Profile files can encrypt stored proxy passwords using one of four modes. The encryption mode selector is a radio button group in the Profiles tab.

Profile Files

Profiles are stored as XML .ppx files. The Profiles tab shows the user profile directory path with a copy button for quick access in file explorer.

• User profile directory — Default location where named profiles are saved
• Default.ppx — Place this file in the application directory or C:\ProgramData\ProxyTool\ to auto-load a profile for all users on the machine
• CLI loading — Run ProxyTool.exe profile.ppx [silent-load] to load a specific profile at launch. The silent-load flag suppresses the load confirmation dialog

ProxyTool can import your existing Proxifier configuration (.ppx / .xml) including proxy servers, chains, rules, DNS settings, and leak-protection options. The import wizard detects all components and guides you through any manual steps required.

Import Preview Password Manager Final Review

‹ ›

Import preview — proxies, rules, and settings detected in the Proxifier profile

1 / 3

What It Imports

• Proxy servers — Host, port, protocol, and authentication credentials
• Proxification rules — Application-based routing rules (process name → proxy assignment)
• Proxy chains — Multi-hop configurations and failover setups
• DNS settings — Name resolution preferences from the Proxifier profile
• Leak-protection options — UDP blocking and related privacy settings

Encryption Handling

Proxifier profiles may store proxy passwords using different encryption methods. ProxyTool detects the encryption mode and handles decryption automatically when possible:

Password Manager Workflow

The Password Manager appears inside the import modal when automatic decryption is not available. It provides a bulk interface for entering proxy passwords:

• Proxy selection — Select individual proxies via checkboxes, or use the header checkbox to select all
• "All same" bulk-apply — Enter one password and apply it to all selected proxies at once
• Per-proxy fields — Individual password input fields for each proxy that needs credentials
• Apply button — Commits the entered passwords to the import configuration
• Progress badge — Shows completion status (e.g. "0/3") indicating how many proxies still need passwords

After Import

Imported items are added to the current active configuration. Proxies, chains, rules, and settings merge into the workspace immediately. To persist the imported configuration as a named profile, use Save As in the Profiles tab.