ngrok is a cross-platform application that enables developers to expose a local development server to the Internet with minimal effort. The software makes your locally-hosted web server appear to be hosted on a subdomain of ngrok.com, meaning that no public IP or domain name on the local machine is needed. Similar functionality can be achieved with Reverse SSH Tunneling, but this requires more setup as well as hosting of your own remote server.
Ngrok has a free pricing tier for developers who are bringing new projects to life. The downside to the free tier is the lack of custom domain support.
ngrok is able to bypass NAT Mapping and firewall restrictions by creating a long-lived TCP tunnel from a randomly generated subdomain on ngrok.com (e.g. 3gf892ks.ngrok.com) to the local machine. After specifying the port that your web server listens on, the ngrok client program initiates a secure connection to the ngrok server and then anyone can make requests to your local server with the unique ngrok tunnel address. The ngrok developer's guide contains more detailed information on how it works.
Various tunnel servers are available around the world and locations include: US (Ohio), Europe (Frankfurt), Asia (Singapore), and Australia (Sydney). Alternatively, the ngrok server software can be self-hosted on a VPS or dedicated server.
By default, ngrok creates both HTTP and HTTPS endpoints, making it useful for testing integrations with third-party services or APIs that require valid SSL/TLS domains. Other use cases include: quickly showcasing local demos to clients, testing mobile application backends, and running personal cloud services from your home PC.
One praised feature of ngrok is the ability to track and replay HTTP requests via ngrok's web console . The replay functionality is highly useful when testing API calls or webhooks as one can easily inspect all header content and request/response data in one place via the console UI.
A premium version of ngrok, ngrok link, is available for developers to use in production and offers features such as API automation and credential management, making it suitable for remote IoT management in a professional setting.
Ngrok is a highly secure platform for remote access and is safe to use. Ngrok provides tunneling, as mentioned above, which enables users to access local-hosted servers from outside the machine.
Ngrok is regularly abused by hackers for cyber attacks. Hackers choose ngrok because of its capabilities and reputation to maneuver while bypassing security protocols. They will see this as a way to complete a phishing attack, as they are able to create fake login pages or deliver malicious URLs.