Open where it matters

The core binary is proprietary. Everything you extend, script, and build on top of is open. Every release is cryptographically signed, so you can verify that the build you run is the one we published, byte for byte.

Trust through verification

Security tools handle sensitive traffic, so you should not have to take anyone's word that the binary on your machine is the one we built. Every Hugin release is Ed25519 signed at build time. The public key is published in the repository and hardcoded into the updater, and you can verify any download independently at hugin.nu/verify. A valid signature proves the file is unmodified and was signed with our release key; an unsigned or altered download proves nothing, so check the signature before you run a release, and take the key you pin from the repository rather than from the server that served the download. Hugin has no telemetry, no analytics, no phone-home. Your traffic stays on your machine.
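As an added illustration of what verifying a signed release actually buys you, here is a Go verifier built on the standard library's crypto/ed25519. This is example code written for this page, not Hugin's updater or the hugin.nu/verify tooling. The page does not specify Hugin's signature file format, so the hex encoding of key and signature and the detached-signature layout are assumptions. The demo signs a constructed stand-in artifact with a freshly generated key, then shows the genuine file verifying, a copy with one flipped bit failing, and the genuine file failing against a different key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// VerifyRelease checks a detached Ed25519 signature over a downloaded artifact.
// pubKeyHex is the publisher's key as you pinned it from the repository, not a
// key fetched from the same server that served the download. Hex encoding of
// key and signature is an assumption for this example.
func VerifyRelease(pubKeyHex string, artifact []byte, sigHex string) error {
	pub, err := hex.DecodeString(pubKeyHex)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("pinned public key is malformed")
	}
	sig, err := hex.DecodeString(sigHex)
	if err != nil || len(sig) != ed25519.SignatureSize {
		return errors.New("signature is malformed")
	}
	// Verify rejects any change to the artifact, the signature, or a key that
	// did not produce the signature; there is no partial success.
	if !ed25519.Verify(ed25519.PublicKey(pub), artifact, sig) {
		return errors.New("signature does not match artifact under pinned key")
	}
	return nil
}

// KeyFingerprint returns the SHA-256 of a hex-encoded public key so the key
// you pinned can be compared by eye with the one published in the repository.
func KeyFingerprint(pubKeyHex string) (string, error) {
	pub, err := hex.DecodeString(pubKeyHex)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return "", errors.New("public key is malformed")
	}
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:]), nil
}

// Outcome records the results of the three checks Demo performs.
type Outcome struct {
	PubHex   string
	Genuine  error // expected nil
	Tampered error // expected non-nil
	WrongKey error // expected non-nil
}

// Demo stands in for the build-time signer and for a downloader: it signs a
// constructed artifact, then verifies the genuine file, a tampered copy, and
// the genuine file against an unrelated key.
func Demo() Outcome {
	pub, priv, err := ed25519.GenerateKey(rand.Reader) // stand-in for the release key
	if err != nil {
		panic(err)
	}
	artifact := []byte("constructed release archive bytes, not a real Hugin build")
	sigHex := hex.EncodeToString(ed25519.Sign(priv, artifact))
	pubHex := hex.EncodeToString(pub)

	tampered := append([]byte(nil), artifact...)
	tampered[0] ^= 0x01 // a single flipped bit is enough to invalidate the signature

	otherPub, _, err := ed25519.GenerateKey(rand.Reader) // an attacker's key
	if err != nil {
		panic(err)
	}

	return Outcome{
		PubHex:   pubHex,
		Genuine:  VerifyRelease(pubHex, artifact, sigHex),
		Tampered: VerifyRelease(pubHex, tampered, sigHex),
		WrongKey: VerifyRelease(hex.EncodeToString(otherPub), artifact, sigHex),
	}
}

func main() {
	o := Demo()
	fp, _ := KeyFingerprint(o.PubHex)
	fmt.Println("key fingerprint:", fp)
	fmt.Println("genuine:", o.Genuine)
	fmt.Println("tampered:", o.Tampered)
	fmt.Println("wrong key:", o.WrongKey)
}
```

Pinning is the whole point: if the verifier takes its key from the same channel as the download, an attacker who controls that channel signs with a key of their own and the check passes. Compare the fingerprint with the key published in the repository, and treat any verification failure as a reason not to run the file rather than a reason to retry the download.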

What is open

GitHub repository

The public repository at github.com/HuginSecurity/Hugin contains documentation, the issue tracker, and community discussions. This is where you report bugs, request features, and follow development progress. Contributions to docs, module examples, and extension recipes are always welcome.

WASM Module SDK — Synaps

The guest SDK for writing scanner modules is open source. Authors write Rust against the hugin-scanner-guest crate, compile it to WASM, and publish modules for the community. Each module runs fully sandboxed inside Wasmtime with a 1 billion instruction limit and a 16 MB memory cap. Modules reach HTTP, raw TCP, DNS, TLS inspection, WebSocket, browser automation, and Oastify out-of-band callbacks only through well-defined host imports. The sandbox bounds what a module can consume and confines it to those imports: it cannot reach anything the host does not expose, and a runaway module is stopped at its limits rather than taking the proxy down with it. It does not make a hostile module harmless, since a module with network imports can still send whatever it is handed to a host of its author's choosing, so treat community modules as third-party code and review them before you run them.

Lua Extension API

The extension system is fully documented. Users write Lua scripts to customize proxy behavior — modify requests and responses in-flight, run passive checks, react to scan results, or hook into flow capture events. Extensions declare permissions (ReadFlows, ModifyFlows, NetworkAccess, FileSystem) and run inside a sandboxed Lua 5.4 environment with instruction limits and memory caps. No compilation step — drop a script and a manifest into the extensions directory and reload.

MCP Protocol

Hugin exposes 130+ tools through the open Model Context Protocol standard. Any MCP-compatible AI agent, whether Claude, Cursor, or your own tooling, can connect and drive the proxy programmatically. There is no proprietary API layer between the agent and Hugin. The protocol is open, the tool schemas are documented, and you can build your own workflows on top without asking us. Anything that can reach the MCP endpoint can drive the proxy, so control who can connect to it as carefully as you control the proxy itself.
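An added example of the wire exchange an agent has with any MCP server, written in Go for this page; it is not Hugin's code, and since this page names neither Hugin's tools nor its transport, the tool name and the server replies below are constructed. It shows the JSON-RPC 2.0 framing MCP uses for tools/list and tools/call, and the two failure modes a client must keep apart: a protocol-level error object (the call itself failed) and a successful reply whose tool result carries isError (the tool ran and is reporting a problem).

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Request is the JSON-RPC 2.0 envelope MCP uses for every call.
type Request struct {
	JSONRPC string      `json:"jsonrpc"`
	ID      int         `json:"id"`
	Method  string      `json:"method"`
	Params  interface{} `json:"params,omitempty"`
}

// RPCError is the protocol-level error object: the call failed (unknown
// method, bad params), so there is no tool result to read at all.
type RPCError struct {
	Code    int    `json:"code"`
	Message string `json:"message"`
}

// Response is the reply envelope; a well-formed reply carries exactly one of
// Result or Error, and echoes the id of the request it answers.
type Response struct {
	JSONRPC string          `json:"jsonrpc"`
	ID      int             `json:"id"`
	Result  json.RawMessage `json:"result,omitempty"`
	Error   *RPCError       `json:"error,omitempty"`
}

// ToolsList is the result shape of tools/list (inputSchema omitted here).
type ToolsList struct {
	Tools []struct {
		Name        string `json:"name"`
		Description string `json:"description"`
	} `json:"tools"`
}

// CallResult is the result shape of tools/call. IsError is a tool-level flag:
// the RPC succeeded, but the tool is telling the agent that it failed.
type CallResult struct {
	Content []struct {
		Type string `json:"type"`
		Text string `json:"text"`
	} `json:"content"`
	IsError bool `json:"isError"`
}

// NewToolCall builds a tools/call request for the named tool.
func NewToolCall(id int, tool string, args map[string]interface{}) ([]byte, error) {
	return json.Marshal(Request{
		JSONRPC: "2.0", ID: id, Method: "tools/call",
		Params: map[string]interface{}{"name": tool, "arguments": args},
	})
}

// Decode validates the envelope before trusting the payload: the id must match
// the request we sent, and a protocol error leaves no result to unmarshal.
func Decode(raw []byte, wantID int, out interface{}) error {
	var resp Response
	if err := json.Unmarshal(raw, &resp); err != nil {
		return fmt.Errorf("malformed reply: %w", err)
	}
	if resp.JSONRPC != "2.0" {
		return fmt.Errorf("unexpected jsonrpc version %q", resp.JSONRPC)
	}
	if resp.ID != wantID {
		return fmt.Errorf("reply id %d does not match request id %d", resp.ID, wantID)
	}
	if resp.Error != nil {
		return fmt.Errorf("rpc error %d: %s", resp.Error.Code, resp.Error.Message)
	}
	return json.Unmarshal(resp.Result, out)
}

// Constructed server replies for the example. The tool name is hypothetical,
// not one of Hugin's documented tools.
const (
	listReply = `{"jsonrpc":"2.0","id":1,"result":{"tools":[{"name":"example_send_request","description":"hypothetical tool"}]}}`
	callReply = `{"jsonrpc":"2.0","id":2,"result":{"content":[{"type":"text","text":"target refused connection"}],"isError":true}}`
	badReply  = `{"jsonrpc":"2.0","id":3,"error":{"code":-32601,"message":"Method not found"}}`
)

func main() {
	var list ToolsList
	fmt.Println(Decode([]byte(listReply), 1, &list), list.Tools)

	req, _ := NewToolCall(2, "example_send_request", map[string]interface{}{"url": "http://127.0.0.1/"})
	fmt.Println(string(req))

	var res CallResult
	fmt.Println(Decode([]byte(callReply), 2, &res), "tool-level error:", res.IsError, res.Content[0].Text)
	fmt.Println(Decode([]byte(badReply), 3, &res))
	fmt.Println(Decode([]byte(callReply), 99, &res)) // id mismatch is rejected
}
```

The id check matters more than it looks: an agent that issues several calls and accepts whichever reply arrives first will happily attribute one tool's output to another request. The isError flag is the one agents most often ignore, treating a refused connection as a successful scan.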

Built on open source

Hugin would not exist without the open source ecosystem. The core is built on Rust, Axum, Hyper, Tokio, SQLite (via sqlx), Dioxus, hudsucker, maud, mlua, Wasmtime, and dozens of other excellent crates. We are grateful to every maintainer whose work makes Hugin possible, and we contribute back where we can.

Why the core is proprietary

Sustaining development of professional security tooling takes focused, full-time work. Open-sourcing the entire codebase would make it impossible to fund that work without venture capital, and venture capital comes with incentives that conflict with building tools hunters can trust.

The Pro tier funds continued development directly. The Community tier ensures the core tool — proxy, scanner, intruder, repeater, sequencer, decoder — remains free forever. No sunset clause, no rug pull.

Reporting issues

Found a bug? Have a feature request? Open an issue at github.com/HuginSecurity/Hugin/issues. Security vulnerabilities can be reported privately through GitHub's security advisory feature on the same repository. We take every report seriously.