An experimental passive website scanner. Hogg acts as a proxy between you and your DNS server and scans every website you visit for common vulnerabilities.
- Make sure you have Rust installed. If not, follow the instructions here.
- Install dependencies for tonic from here.
- Install Nuclei and make sure it's in your
$PATH. - Clone the repo and
cdinto it. - Run
cargo build --releaseto build the binary.
To make hogg work, you need to run the daemon, which will serve the DNS proxy and scan the websites you visit. You will get a notification when a vulnerability is found. To view the vulnerabilities, you can use the hogg CLI. Use hogg-cli -h to see the available commands.
To run the daemon, use hogg-daemon binary.
Checkout your configuration path, which is printed when you start the daemon, or use echo $HOGG_CONFIG_DIR
- Your browser or a desktop app resolves a domain name via DNS.
- Hogg requests the data from your upstream DNS provider (Cloudflare by default) and sends it back to the app.
- Hogg scans the website using Nuclei.
Hogg will help you scan almost every website you visit (not limited to your browser) without causing any disruption to the app's functionality.
Not yet. Stay tuned for future updates that may include other solutions (like an HTTP proxy).
- Hogg doesn't yet support DNS over HTTPS, DNS over TLS etc.
- Some apps may bypass your system's default DNS resolver. In this case, Hogg will not intercept the app's requests.
- Working DNS proxy and Nuclei scanner
- Notifications (OS notifications for now)
- Automatic request redirection to DNS Proxy
- GUI (a tray icon)
- DNS over HTTPS
- Inspired by Trufflehog-Chrome-Extension ❤️