Common vulnerability scanning on steroids ☄️

Related tags

Network programming dns rust security exploit network proxy scanner secrets sniffer rust-lang vulnerabilities webscanner
Overview

Hogg 🐽

An experimental passive website scanner. Hogg acts as a proxy between you and your DNS server and scans every website you visit for common vulnerabilities.

Installation & Usage

Currently you can only run the daemon. In future, you will be able to use a special CLI or GUI to interact with daemon. The daemon is responsible of sending notifications.

git clone https://github.com/yallxe/hogg
cd hogg
cargo run -p hogg-deamon # requires root on linux & macos

After you run the daemon, you can set you DNS server to localhost:53, so all the DNS requests will be sent to hogg.

Configuration

Checkout your configuration path, which is printed when you start the daemon, or use echo $HOGG_CONFIG_DIR

How does it work?

  1. Your browser or a desktop app resolves a domain name via DNS.
  2. Hogg requests the data from your upstream DNS provider (Cloudflare by default) and sends it back to the app.
  3. Hogg scans the website using Nuclei.

How is it different?

Hogg will help you scan almost every website you visit (not limited to your browser) without causing any disruption to the app's functionality.

Anything besides DNS?

Not yet. Stay tuned for future updates that may include other solutions (like an HTTP proxy).

Limitations

  • Hogg doesn't yet support DNS over HTTPS, DNS over TLS etc.
  • Some apps may bypass your system's default DNS resolver. In this case, Hogg will not intercept the app's requests.

Progress

  • Working DNS proxy and Nuclei scanner
  • Notifications (OS notifications for now)
  • Automatic request redirection to DNS Proxy
  • GUI (a tray icon)
  • DNS over HTTPS

Credits

You might also like...
Automated attack surface mapper and vulnerability scanner

Phaser Automated attack surface mapper and vulnerability scanner What is this? Phaser is a high-performance and automated attack surface mapper and vu

Sylvain Kerkour 74 Dec 16, 2022
💔 Heartbleed vulnerability exploit written in Rust

Heartbleed 💔 Heartbleed vulnerability exploit written in Rust What is it Heartbleed is a buffer over-read vulnerability in outdated versions of OpenS

Gianmatteo Palmieri 4 May 23, 2023
python dependency vulnerability scanner, written in Rust.
python dependency vulnerability scanner, written in Rust.

🐍 Pyscan A dependency vulnerability scanner for your python projects, straight from the terminal. 🚀 blazingly fast scanner that can be used within l

Aswin. 80 Jun 4, 2023
RustVulnsScan is a powerful system vulnerability scanner written in Rust
RustVulnsScan is a powerful system vulnerability scanner written in Rust

RustVulnsScan is a powerful system vulnerability scanner written in Rust. It allows you to perform comprehensive scans of your system to identify potential vulnerabilities and security risks.

null 2 Jul 2, 2023
Extendable HPC-Framework for CUDA, OpenCL and common CPU

Collenchyma • Collenchyma is an extensible, pluggable, backend-agnostic framework for parallel, high-performance computations on CUDA, OpenCL and comm

Autumn 460 Oct 31, 2022
A fast and simple command-line tool for common operations over JSON-lines files

rjp: Rapid JSON-lines processor A fast and simple command-line tool for common operations over JSON-lines files, such as: converting to and from text

Ales Tamchyna 3 Jul 8, 2022
Common processing blocks used with your Runes.

Common Processing Blocks (API Docs) Processing blocks built by Hammer of the Gods that you can use with your Runes. License This project is licensed u

Hammer of the Gods 9 Jul 21, 2022
ctfsak is a tool to speed up common operations needed during CTFs

ctfsak (CTF Swiss Army Knife) This is a tool to help saving time during CTFs, where it's common to have to do a lot of encoding/decoding, encrypting/d

null 1 Dec 1, 2022
Common Rust Lightning Network types

Common Rust Lightning Network types Warning: while in a good state, this is still considered a preview version! There are some planned changes. This l

Martin Habovštiak 5 Nov 8, 2022
A common library and set of test cases for transforming OSM tags to lane specifications

osm2lanes See discussion for context. This repo is currently just for starting this experiment. No license chosen yet. Structure data tests.json—tests

A/B Street 29 Nov 16, 2022
Common data structures and algorithms for competitive programming in Rust
Common data structures and algorithms for competitive programming in Rust

algorithm-rs algorithm-rs is common data structures and algorithms for competitive programming in Rust. Contents TBA How To Contribute Contributions a

Chris Ohk 16 Dec 21, 2022
Tests a wide variety of N64 features, from common to hardware quirks. Written in Rust. Executes quickly.

n64-systemtest Tests a wide variety of N64 features, from common to hardware quirks. Written in Rust. Executes quickly. n64-systemtest is a test rom t

null 37 Jan 7, 2023
Hardware Abstraction Layer for AVR microcontrollers and common boards

avr-hal Hardware Abstraction Layer for AVR microcontrollers and common boards (for example Arduino). Based on the avr-device crate. This is a new vers

Rahix 776 Jan 1, 2023
Rust-clippy - A bunch of lints to catch common mistakes and improve your Rust code

Clippy A collection of lints to catch common mistakes and improve your Rust code. There are over 450 lints included in this crate! Lints are divided i

The Rust Programming Language 8.7k Dec 31, 2022
Parity-bridges-common - Collection of Useful Bridge Building Tools 🏗️

Parity Bridges Common This is a collection of components for building bridges. These components include Substrate pallets for syncing headers, passing

Parity Technologies 223 Jan 4, 2023
Common data structures and algorithms in Rust

Contest Algorithms in Rust A collection of classic data structures and algorithms, emphasizing usability, beauty and clarity over full generality. As

Aram Ebtekar 3.3k Dec 27, 2022
Common stop words in a variety of languages

About Stop words are words that don't carry much meaning, and are typically removed as a preprocessing step before text analysis or natural language p

Chris McComb 9 Dec 9, 2022
A library to help you sew up your Ethereum project with Rust and just like develop in a common backend

SewUp Secondstate EWasm Utility Program, a library helps you sew up your Ethereum project with Rust and just like development in a common backend. The

Second State 48 Dec 18, 2022
Comparing performance of Rust math libraries for common 3D game and graphics tasks

mathbench mathbench is a suite of unit tests and benchmarks comparing the output and performance of a number of different Rust linear algebra librarie

Cameron Hart 137 Dec 8, 2022
Comments
  • Rewrite project architecture

    Rewrite project architecture

    New project architecture. Still WIP.

    The idea is to create a cargo workspace, composed from next projects:

    • hogg-daemon, which will be something like a core, which is forever running in the system. It does tasks like DNS Proxy, Daemon API, etc.
    • hogg-cli, a CLI which will be managing the daemon via daemon API.
    • hogg-gui, same as hogg-cli, but GUI.
    • ... (?)

    The pull request should be pushed into the base branch when the functionality reaches current master branch. For now, this rewrite branch lacks notifications, but I'm thinking of moving notifications out from the daemon.

    opened by yallxe 1
  • Bump tokio from 1.23.0 to 1.23.1

    Bump tokio from 1.23.0 to 1.23.1

    Bumps tokio from 1.23.0 to 1.23.1.

    Release notes

    Sourced from tokio's releases.

    Tokio v1.23.1

    This release forward ports changes from 1.18.4.

    Fixed

    • net: fix Windows named pipe server builder to maintain option when toggling pipe mode (#5336).

    #5336: tokio-rs/tokio#5336

    Commits
    • 1a997ff chore: prepare Tokio v1.23.1 release
    • a8fe333 Merge branch 'tokio-1.20.x' into tokio-1.23.x
    • ba81945 chore: prepare Tokio 1.20.3 release
    • 763bdc9 ci: run WASI tasks using latest Rust
    • 9f98535 Merge remote-tracking branch 'origin/tokio-1.18.x' into fix-named-pipes-1.20
    • 9241c3e chore: prepare Tokio v1.18.4 release
    • 699573d net: fix named pipes server configuration builder
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Inefficient force-ssl detector

    Inefficient force-ssl detector

    Websites may redirect twice or more, as in an example below

    2022-12-26T21:12:41.253 [DEBUG] redirecting 'http://www.facebook.com/' to 'https://www.facebook.com/'
2022-12-26T21:12:41.254 [DEBUG] starting new connection: https://www.facebook.com/     
2022-12-26T21:12:41.256 [TRACE] registering event source with poller: token=Token(419430401), interests=READABLE | WRITABLE
2022-12-26T21:12:41.358 [TRACE] signal: Want
2022-12-26T21:12:41.358 [TRACE] signal found waiting giver, notifying
2022-12-26T21:12:41.358 [TRACE] poll_want: taker wants!
2022-12-26T21:12:41.501 [TRACE] signal: Want
2022-12-26T21:12:41.501 [TRACE] signal: Want
2022-12-26T21:12:41.502 [DEBUG] redirecting 'https://www.facebook.com/' to 'https://www.facebook.com/unsupportedbrowser'
2022-12-26T21:12:41.703 [INFO ] Forced HTTPS redirection detected: www.facebook.com

    After first redirect, it was clear website have force-ssl enabled. Handling second redirect wasn't needed.

    bug enhancement 
    opened by yallxe 0
Releases(0.1.1)
Owner
Yallxe
Software Engineer
Yallxe
GitHub
An example of a common Wi-Fi set up scenario on ESP32 using Rust

UTC IoT fetcher This repo is an example of how to configure a Wi-Fi client on an ESP32-based IoT device using an external device connection to the int

Max Wase 4 Jan 19, 2023
Kepler is a vulnerability database and lookup store and API currently utilising National Vulnerability Database and NPM Advisories as data sources

Kepler — Kepler is a vulnerability database and lookup store and API currently utilising National Vulnerability Database and NPM Advisories as data so

Exein.io 101 Nov 12, 2022
Easy c̵̰͠r̵̛̠ö̴̪s̶̩̒s̵̭̀-t̶̲͝h̶̯̚r̵̺͐e̷̖̽ḁ̴̍d̶̖̔ ȓ̵͙ė̶͎ḟ̴͙e̸̖͛r̶̖͗ë̶̱́ṉ̵̒ĉ̷̥e̷͚̍ s̷̹͌h̷̲̉a̵̭͋r̷̫̊ḭ̵̊n̷̬͂g̵̦̃ f̶̻̊ơ̵̜ṟ̸̈́ R̵̞̋ù̵̺s̷̖̅ţ̸͗!̸̼͋

Rust S̵̓i̸̓n̵̉ I̴n̴f̶e̸r̵n̷a̴l mutability! Howdy, friendly Rust developer! Ever had a value get m̵̯̅ð̶͊v̴̮̾ê̴̼͘d away right under your nose just when

null 294 Dec 23, 2022
A unix "time" like benchmarking tool on steroids

benchie Usage Binary Once Rust is installed (see step 1 in "Toolchain Setup"), you can easily install the latest version of benchie with: $ cargo inst

benchie 3 May 6, 2022
A comprehensive memory scanning library

scanflow boasts a feature set similar to the likes of CheatEngine, with a simple command line interface. Utilizing memflow, scanflow works in a wide range of situations - from virtual machines, to dedicated DMA hardware.

memflow 38 Dec 30, 2022
A lightweight platform-accelerated library for biological motif scanning using position weight matrices.

?? ?? lightmotif A lightweight platform-accelerated library for biological motif scanning using position weight matrices. ??️ Overview Motif scanning

Martin Larralde 16 May 4, 2023
A nushell plugin for scanning ports on a target.

nu_plugin_port_scan A nushell plugin for scanning ports on a target Similar to nc -vz {ip} {port} -w {timeout} the parameters are mapped to port scan

Motalleb Fallahnezhad 4 Nov 9, 2023
Wrapper over MMTk to simplify integration with runtimes: thread management system, object header, root scanning

vmkit A library which provides bunch of building blocks to make a VM in Rust. Feautures MMTK integration out of the box Thread management provided by

null 3 Aug 31, 2024
A fast tool to scan prototype pollution vulnerability written in Rust. 🦀

ppfuzz Prototype Pollution Fuzzer A fast tool to scan prototype pollution vulnerability written in Rust. ?? Installation Binary Source Dependencies Us

Dwi Siswanto 410 Dec 27, 2022
Http request smuggling vulnerability scanner

Request smuggler Http request smuggling vulnerability scanner Based on the amazing research by James Kettle. The tool can help to find servers that ma

null 204 Dec 18, 2022