Menu
Is ngrok a safe tool to use? I was reading a tutorial which recommended to use ngrok test API responses that I make to outside services that need to connect to my endpoints also.
263
ngrok Secure Tunnels allow you to instantly open access to remote systems without touching any of your network settings or opening any ports on your router. This means you get a secure, reliable tunnel for your developer box, IoT device, or just about anything that has access to the internet.
In addition, ngrok is used by hackers to deliver phishing attacks. Ngrok can bypass a firewall, and it uses a random temporary subdomain which makes it hard to detect. Hackers see this as an opportunity to create a server that can deliver a malicious code to any one who clicks the URL in a phishing email.
Ngrok is a legitimate remote-access tool. It is regularly abused by attackers, who use its capabilities and reputation to maneuver while bypassing network protections.
ngrok may collect, retain, use, and disclose data and other information about you and your users, including but not limited to Customer Data, subject to the terms of ngrok's Privacy Policy.
There is no source code available for Version 2.0, considering it started as an open source project in 2014. I am suspect of any code that opens a tunnel to my localhost from the cloud. Pretty scary stuff especially without source code!
180
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
