hakoriginfinder: Discovering Origin Hosts Behind Reverse Proxies

This repository profile is provided by osrepos.com, an open source repository discovery platform.

Summary

hakoriginfinder is a Go-based tool designed to uncover the true origin host behind reverse proxies, including cloud-based Web Application Firewalls (WAFs). It does this by comparing the HTTP responses from candidate origin IP addresses against the response served through the proxy, using the Levenshtein distance algorithm. Security researchers and penetration testers use it to bypass WAFs and identify the underlying infrastructure.

Repository Information

Analyzed by OSRepos on March 26, 2026

Use at your own risk

OSRepos shares public repositories for knowledge and discovery only. Any installation, execution, configuration, or use of code from these repositories is the user's own responsibility. Always review the repository, source code, dependencies, licenses, and security implications before running or installing anything. OSRepos is not responsible for issues, damages, or losses resulting from third-party repositories.

Introduction

hakoriginfinder is a specialized tool developed by hakluke, aimed at identifying the actual origin server that sits behind a reverse proxy. This capability is particularly useful for security assessments, allowing testers to potentially bypass protective layers like WAFs and directly interact with the backend server.

The tool operates by first making a request to the target hostname or URL and storing its response. Subsequently, it probes a list of provided IP addresses on specified ports (defaulting to 80 and 443), setting the Host header to the original target. Each response from these IP addresses is then compared to the original response using the Levenshtein distance algorithm. A low Levenshtein score indicates high similarity, flagging a potential match for the origin host.

Installation

To install hakoriginfinder, you need to have Go installed on your system. Once Go is set up, you can install the tool using the following command:

go install github.com/hakluke/hakoriginfinder@latest

Examples

hakoriginfinder is designed for straightforward command-line usage, typically accepting a list of IP addresses via standard input and the target hostname via the -h option.

Here's a basic example demonstrating how to use it with prips to generate IP ranges:

prips 93.184.216.0/24 | hakoriginfinder -h https://example.com:443/foo

You can customize the tool's behavior with several options:

  • -l: Set the Levenshtein distance threshold. A lower number requires more similar matches. The default is 5.
  • -t: Specify the number of threads to use. The default is 32.
  • -h: Define the hostname. This option is mandatory.
  • -p: Set the ports to scan on the IP addresses. The default is 80,443.

Output Example

The output provides three columns: a match status ("MATCH" or "NOMATCH"), the URL being tested, and the Levenshtein score.

$ prips 1.1.1.0/24 | hakoriginfinder -h http://one.one.one.one:80/index.html -p 80,443,8080,8443
Redirect 301 to: https://one.one.one.one/index.html
Redirect 308 to: https://one.one.one.one/
NOMATCH http://1.1.1.31:443/ 56290
...
MATCH https://1.1.1.1:443/ 0
...
MATCH https://1.1.1.1:8443/ 0
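
The comparison step described above, as an added example (not code from hakoriginfinder or from this page): a Levenshtein classifier run over three constructed response bodies with the documented default threshold of 5. The bodies, the function names and the rule that a score at or below the threshold counts as a match are assumptions made for illustration.

```go
package main
import "fmt"

// Constructed sample bodies (not captured from any real site).
const (
	baseline = `<html><body><h1>Shop</h1><p>Rendered 11:11:11</p></body></html>` // served via the proxy
	drifted  = `<html><body><h1>Shop</h1><p>Rendered 22:22:22</p></body></html>` // same app, later render
	denied   = `<html><body><h1>403 Forbidden</h1></body></html>`                // direct request refused
)
// levenshtein returns the byte-wise edit distance between a and b.
func levenshtein(a, b string) int {
	prev, curr := make([]int, len(b)+1), make([]int, len(b)+1)
	for j := range prev {
		prev[j] = j
	}
	for i := 1; i <= len(a); i++ {
		curr[0] = i
		for j := 1; j <= len(b); j++ {
			best := prev[j-1] // substitution, free when the bytes are equal
			if a[i-1] != b[j-1] {
				best++
			}
			if d := prev[j] + 1; d < best { // delete a[i-1]
				best = d
			}
			if d := curr[j-1] + 1; d < best { // insert b[j-1]
				best = d
			}
			curr[j] = best
		}
		prev, curr = curr, prev
	}
	return prev[len(b)]
}

// classify returns the status and score columns; assumption: score <= threshold is a match.
func classify(base, candidate string, threshold int) (string, int) {
	d := levenshtein(base, candidate)
	if d <= threshold {
		return "MATCH", d
	}
	return "NOMATCH", d
}

func main() {
	for _, body := range []string{baseline, drifted, denied} {
		fmt.Println(classify(baseline, body, 5)) // 5 is the documented default for -l
	}
}
```

A six-character timestamp change already scores 6 and is reported as NOMATCH at the default threshold, so pages with dynamic content need a higher -l value to be recognised. A host that answers direct requests with a different page scores far above any reasonable threshold.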

Why Use hakoriginfinder?

hakoriginfinder is an essential tool for several reasons, particularly in the realm of cybersecurity:

  • WAF Bypass: By identifying the true origin IP, security professionals can often bypass WAFs and other reverse proxies, allowing direct interaction with the backend server to discover vulnerabilities that would otherwise be hidden.
  • Infrastructure Discovery: It helps in mapping out an organization's network infrastructure, revealing hidden servers or misconfigurations.
  • Security Assessments: Integral for comprehensive penetration testing and vulnerability assessments, providing a deeper understanding of the target's attack surface.
  • Efficiency: Automates a complex task that would otherwise require manual and time-consuming efforts to compare server responses.

Links

For more details, contributions, or to report issues, visit the official GitHub repository:
