Huginn Net Ecosystem

The Huginn Net ecosystem consists of 5 specialized Rust crates designed for maximum flexibility and performance in network protocol analysis. Each crate can be used independently or combined to create comprehensive network monitoring solutions.

Modular Architecture

huginn-net

Complete Suite


↓ Uses ↓
huginn-net-tcp

TCP Analysis

huginn-net-http

HTTP Analysis

huginn-net-tls

TLS Analysis

↓ TCP & HTTP use ↓
huginn-net-db

Database Engine

Crates Overview

huginn-net - Complete Analysis Suite

Purpose: Multi-protocol orchestrator that combines TCP, HTTP, and TLS analysis into a unified interface.

Use when: You need comprehensive network analysis across multiple protocols.

[dependencies]
huginn-net = ""

Key Features:

  • Unified API for all protocols
  • Automatic protocol detection
  • Comprehensive result aggregation
  • Live capture and PCAP analysis

huginn-net-tcp - TCP Analysis & OS Detection

Purpose: TCP fingerprinting and OS detection using p0f-style signatures.

Use when: You only need TCP analysis, OS detection, MTU calculation, or uptime estimation.

[dependencies]
huginn-net-tcp = ""

Key Features:

  • OS fingerprinting (Windows, Linux, macOS, etc.)
  • MTU detection and link type identification
  • System uptime calculation from TCP timestamps
  • Quality scoring for match confidence

huginn-net-http - HTTP Analysis & Browser Detection

Purpose: HTTP request/response analysis for browser and web server identification.

Use when: You only need HTTP analysis, browser detection, or web server identification.

[dependencies]
huginn-net-http = ""

Key Features:

  • Browser detection (Chrome, Firefox, Safari, etc.)
  • Web server identification (nginx, Apache, IIS)
  • Language preference extraction
  • HTTP/1.x and HTTP/2 support

huginn-net-tls - JA4 TLS Client Fingerprinting

Purpose: TLS client fingerprinting using the official JA4 specification.

Use when: You only need TLS analysis, JA4 fingerprinting, or client identification.

[dependencies]
huginn-net-tls = ""

Key Features:

  • JA4 fingerprinting (FoxIO specification)
  • TLS 1.0-1.3 and SSL 2.0/3.0 support
  • GREASE filtering per RFC 8701
  • SNI and ALPN extraction

huginn-net-db - Database Parser & Matching Engine

Purpose: P0f database parsing and signature matching engine.

Use when: You need custom signature parsing or advanced database operations.

Note: This crate is automatically included with TCP and HTTP crates. Most users don't need to use it directly.

[dependencies]
huginn-net-db = ""

Key Features:

  • P0f signature database parsing
  • Distance-based quality scoring
  • Extensible matching algorithms
  • Custom signature support

Which Crate Should I Use?

Decision Guide

  • Need everything? → Use huginn-net
  • Only OS detection? → Use huginn-net-tcp
  • Only browser detection? → Use huginn-net-http
  • Only TLS analysis? → Use huginn-net-tls
  • Custom signatures? → Use huginn-net-db directly
Overview Quick Example