Higuruma
A Human/AI co-pilot seat built for the future of web security. Sees what other scanners miss. Boundless passive capabilities.
What it sees
Built for the engagements that other tools cannot reach. Passive, surgical, designed to surface what platforms broadcast at the wire layer that their own UIs never expose.
Strict passive discipline
Higuruma never originates traffic. The target reveals itself; Higuruma observes every byte. Findings carry a confidence tier so quick pattern hits stay distinguishable from deeper deterministic confirmations. Watching carefully reveals more than probing aggressively.
Live decode via mitmproxy MCP
Every request and response unwrapped at the proxy: protobuf, plist, CMS, OCSP, LZ4, ZIP, base64, JWT, JSON, GraphQL, full ECMAScript AST in Rust. AI agents replay through the same proxy. Results land back in the analyzer as fresh flows in real time.
Chrome co-pilot via CDP MCP
Persistent CDP link replicates console messages, live DOM snapshots, the JS debugger, cookies and storage across every origin into Higuruma's tabs. AI agents drive navigation through the chrome-devtools MCP while Higuruma watches every byte.
Desktop-app traffic introspection
One-click system-wide proxy toggle in Settings. Launch any native app (Apple Maps, Spotify, Cursor, Slack, Claude Desktop) and watch its backend populate the Network tab. Even where cert pinning blocks the UI, backend calls still flow through. Any binary with web traffic becomes a target.
LLM API surface fingerprint
Sixteen providers fingerprinted plus self-hosted OpenAI-compatible detection, including enterprise OpenAI proxies. Per-call extraction of model, system prompt, tool and function names, message turn count, and streaming flag: the verb table any prompt-injection landing inherits.
Client-side route enumeration
Modern web apps declare every page and API endpoint up front, baked into the JavaScript a browser downloads. Higuruma reads those declarations off the wire and surfaces the full list (admin paths, internal endpoints, dynamic routes) with HTTP verbs.
WebSocket hybrid capture
mitmproxy plus CDP captures every WebSocket frame, including the ones from before Chrome's debugger attached. zlib-stream decompression handles compressed gateway protocols. Gitleaks sweeps every payload; protobuf and MessagePack frames decode automatically.
Cross-function AST taint
First pass builds per-function summaries from a native Rust AST parser. Second pass applies them at every call site. Multi-hop chains trace through two function boundaries, catching DOM-XSS where regex misses. Multi-megabyte bundles parse in milliseconds.
Timing oracle detection
Groups flows by endpoint and flags outliers using z-score and max-over-median ratio combined. Surfaces auth probes, blind SQLi, and ReDoS on endpoints with only a handful of samples. Per-endpoint baselines update as each flow arrives, with no manual configuration.
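As an added example (not Higuruma's own code), the per-endpoint timing-outlier logic described above, written in Python: a streaming Welford baseline per (method, path) updated on every flow, a z-score against that baseline, and the flow's latency over the endpoint median standing in for the page's max-over-median ratio, with the two signals combined into a confidence tier. The thresholds, the minimum sample count and the sample flows are assumptions.

```python
import math
from collections import defaultdict

class Baseline:
    """Running latency baseline for one endpoint: Welford mean/variance plus samples for the median."""
    def __init__(self):
        self.n, self.mean, self.m2, self.samples = 0, 0.0, 0.0, []
    def update(self, x):
        self.n += 1
        delta = x - self.mean
        self.mean += delta / self.n
        self.m2 += delta * (x - self.mean)
        self.samples.append(x)
    def stddev(self):
        return math.sqrt(self.m2 / (self.n - 1)) if self.n > 1 else 0.0
    def median(self):
        s = sorted(self.samples)
        mid = len(s) // 2
        return s[mid] if len(s) % 2 else (s[mid - 1] + s[mid]) / 2

def detect_timing_outliers(flows, z_threshold=3.0, ratio_threshold=4.0, min_samples=5):
    """Score each (method, path, elapsed_ms) flow against the baseline built from earlier flows
    to the same endpoint, then fold it into that baseline. Tier 'high' needs both the z-score and
    the latency-over-median ratio past threshold; 'low' needs one. Thresholds are assumptions."""
    baselines = defaultdict(Baseline)
    findings = []
    for method, path, elapsed_ms in flows:
        b = baselines[(method, path)]
        if b.n >= min_samples:  # endpoints with fewer samples are not scored yet
            sd = b.stddev()
            z = (elapsed_ms - b.mean) / sd if sd > 0 else (math.inf if elapsed_ms > b.mean else 0.0)
            ratio = elapsed_ms / max(b.median(), 1e-6)  # this flow's latency over the endpoint median
            hits = int(z >= z_threshold) + int(ratio >= ratio_threshold)
            if hits:
                findings.append({"method": method, "path": path, "elapsed_ms": elapsed_ms,
                                 "z": round(z, 1), "ratio": round(ratio, 2),
                                 "tier": "high" if hits == 2 else "low"})
        b.update(elapsed_ms)  # baseline updates as each flow arrives, flagged or not
    return findings

# Constructed sample flows (not real captures): a login endpoint answering in ~120 ms until one
# request takes 2.4 s, plus an endpoint with too few samples to be scored.
SAMPLE_FLOWS = [
    ("POST", "/api/login", 118.0), ("POST", "/api/login", 124.0), ("POST", "/api/login", 121.0),
    ("POST", "/api/login", 119.0), ("POST", "/api/login", 126.0), ("POST", "/api/login", 2410.0),
    ("GET", "/api/items", 40.0), ("GET", "/api/items", 44.0), ("GET", "/api/items", 47.0),
]

if __name__ == "__main__":
    print(detect_timing_outliers(SAMPLE_FLOWS))  # the 2410 ms login flow, tier 'high'
```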
Session-fingerprint clustering
Derives auth identity from headers, cookies, and API keys, using the Public Suffix List for same-site precision. Builds a cross-session matrix diffing status, size, and JSON shape. Catches authz boundaries and IDOR-adjacent leaks with no manual context.
Source-map runtime reconstruction
Captures maps built at JavaScript execution time via CDP, alongside the static-comment forms. When a site assembles its source map at runtime through base64 concatenation, Higuruma catches the realized map and surfaces the original source tree.
Sensor and actuator loop
Higuruma is the sensor, the co-pilot is the actuator. Passive observation generates hypotheses, active testing through the proxy MCP validates them, every active byte becomes more passive data. The two layers amplify each other across the engagement.
How it runs
Higuruma is the passive sensor, a human or AI agent is the actuator. The chrome-devtools and mitmproxy MCPs are the data link to the live web. Every request, response, WebSocket frame, DOM snapshot, and cookie store flows through them into Higuruma, which surfaces security issues passively. The co-pilot reads findings and drives active probes back through the same proxy. The loop compounds. The sensor stays pure.
Engage
Available for contract security research, scoped passive assessments, and class-level analysis collaboration. Remote, NDA-bound, written reports delivered on completion.
Focused passive assessment of one authorized surface. Written report with findings no other tool produces.
Recurring wire-layer measurement for teams who need an external sensor on a calendar. Aggregate output, regulatory-defensible.
Live Higuruma walkthrough against a target you pick. Evaluates fit and depth before scoping a real engagement.
Response within 48 hours. PGP key on request.