{"id":13930180,"url":"https://github.com/yallxe/hogg","last_synced_at":"2025-07-19T12:31:56.922Z","repository":{"id":165690155,"uuid":"576791491","full_name":"yallxe/hogg","owner":"yallxe","description":"Common vulnerability scanning on steroids ☄️","archived":true,"fork":false,"pushed_at":"2024-01-19T16:10:10.000Z","size":325,"stargazers_count":18,"open_issues_count":4,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2024-08-08T18:26:41.475Z","etag":null,"topics":["dns","exploit","network","proxy","rust","rust-lang","scanner","secrets","security","sniffer","vulnerabilities","webscanner"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yallxe.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2022-12-11T01:34:57.000Z","updated_at":"2024-07-15T16:09:15.000Z","dependencies_parsed_at":null,"dependency_job_id":"d0f1f436-6815-40e5-8639-a46e18dfcddf","html_url":"https://github.com/yallxe/hogg","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yallxe%2Fhogg","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yallxe%2Fhogg/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yallxe%2Fhogg/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yallxe%2Fhogg/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yallxe","download_url":"https://codeload.github.com/yallxe/hogg/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226607601,"owners_count":17658483,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","exploit","network","proxy","rust","rust-lang","scanner","secrets","security","sniffer","vulnerabilities","webscanner"],"created_at":"2024-08-07T18:05:03.984Z","updated_at":"2024-11-26T19:30:55.082Z","avatar_url":"https://github.com/yallxe.png","language":"Rust","funding_links":[],"categories":["security"],"sub_categories":[],"readme":"# Hogg 🐽\n\nAn experimental passive website scanner. Hogg acts as a proxy between you and your DNS server and scans every website you visit for common vulnerabilities.\n\n## Building\n\n0. Make sure you have Rust installed. If not, follow the instructions [here](https://www.rust-lang.org/tools/install).\n1. Install dependencies for [tonic](https://github.com/hyperium/tonic) from [here](https://github.com/hyperium/tonic#dependencies).\n2. Install [Nuclei](https://github.com/projectdiscovery/nuclei) and make sure it's in your `$PATH`.\n3. Clone the repo and `cd` into it.\n4. Run `cargo build --release` to build the binary.\n\n## Using it\n\nTo make hogg work, you need to run the daemon, which will serve the DNS proxy and scan the websites you visit. You will get a notification when a vulnerability is found. To view the vulnerabilities, you can use the `hogg` CLI. Use `hogg-cli -h` to see the available commands.\nTo run the daemon, use `hogg-daemon` binary.\n\n## Configuration\n\nCheckout your configuration path, which is printed when you start the daemon, or use `echo $HOGG_CONFIG_DIR`\n\n## How does it work?\n\n1. Your browser or a desktop app resolves a domain name via DNS.\n2. Hogg requests the data from your upstream DNS provider (Cloudflare by default) and sends it back to the app.\n3. Hogg scans the website using [Nuclei](https://github.com/projectdiscovery/nuclei).\n\n## How is it different?\n\nHogg will help you scan almost every website you visit (not limited to your browser) without causing any disruption to the app's functionality.\n\n## Anything besides DNS?\n\nNot yet. Stay tuned for future updates that may include other solutions (like an HTTP proxy).\n\n## Limitations\n\n- Hogg doesn't yet support DNS over HTTPS, DNS over TLS etc.\n- Some apps may bypass your system's default DNS resolver. In this case, Hogg will not intercept the app's requests.\n\n## Progress\n\n- [x] Working DNS proxy and Nuclei scanner\n- [x] Notifications (OS notifications for now)\n- [ ] Automatic request redirection to DNS Proxy\n- [ ] GUI (a tray icon)\n- [ ] DNS over HTTPS\n\n## Credits\n\n- Inspired by [Trufflehog-Chrome-Extension](https://github.com/trufflesecurity/Trufflehog-Chrome-Extension) ❤️\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyallxe%2Fhogg","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyallxe%2Fhogg","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyallxe%2Fhogg/lists"}