Product
HUGIN observes your external attack surface across nine asset domains — continuously, autonomously, from public sources only.
The nine asset domains
HUGIN observes your external attack surface across nine asset domains — continuously, autonomously, from public sources only.
Complete attack surface
Nine asset types monitored in parallel: domains, subdomains, IP addresses, SSL/TLS certificates, software stack, digital identity, email security, takeover risk, and leaked credentials. For every IP: ASN, hosting provider, exposed services, and banner fingerprint via Shodan and Censys.
Identity fabric
HUGIN maps your organisation's identity stack — Entra ID, Okta, ADFS, Google Workspace — and infers MFA posture from public signals (DNS, MX, SAML metadata). Find the gap before the breach.
Subdomain takeover (27 providers)
All hostnames with dangling CNAMEs scanned across 27 SaaS providers — GitHub Pages, Heroku, S3, Azure CDN, Shopify, Fastly, and more. Critical, headline-grade findings: subdomains claimable by an attacker in minutes.
How it works — The Flight
Scan
The raven flies the external perimeter: passive DNS, CT logs, banner grab, public OSINT. No agent to install, no internal access required.
Prioritized findings
Results are cross-referenced with the CISA KEV catalog and EPSS scores. At the top of the list: what is genuinely exploitable today — not 24,000 CVEs of noise.
Dashboard
Everything exposed, asset by asset, ready to act on. Aggregated Hugin Score, issue feed, exportable reports. The raven has spoken.
Sees what you can't.