What is HookSniff?
HookSniff is a webhook delivery platform. You send events via API, HookSniff delivers them to your endpoints with retries, signatures, and full observability.
The Problem
When your application needs to send webhooks, you end up building:
- Retry logic — What happens when the receiving server is down?
- Queue management — How do you handle thousands of concurrent deliveries?
- Signature verification — How does the receiver know the webhook is really from you?
- Monitoring — How do you debug failed deliveries?
- Rate limiting — How do you protect your customers' servers from being overwhelmed?
Building this yourself takes weeks. HookSniff handles all of it out of the box.
Before and After HookSniff
Without HookSniff
- Webhook code scattered across your application
- No centralized visibility on delivery status
- Retry and failure logic you maintain yourself
- Hard to debug when webhooks fail
- No signature standard — each integration is different
With HookSniff
- One API call to send any webhook
- Dashboard shows every delivery with full details
- Automatic retries with exponential backoff
- Dead Letter Queue for failed deliveries
- Standard Webhooks HMAC-SHA256 signatures
How HookSniff Works
- 1. Your application sends an event to HookSniff via REST API
- 2. HookSniff validates the payload, checks rate limits, and stores the delivery
- 3. The worker picks up the delivery and sends an HTTP POST to your endpoint
- 4. The payload is signed with HMAC-SHA256 using your endpoint's signing secret
- 5. If the delivery fails, it's automatically retried (default: 5 attempts with exponential backoff)
- 6. After all retries are exhausted, the delivery moves to the Dead Letter Queue
- 7. Every attempt is logged with status code, response body, and timing — visible in the dashboard
Core Concepts
Endpoint
A URL where webhooks are delivered. Each endpoint has a signing secret and optional event filters.
Webhook (Delivery)
An event you send via the API. HookSniff delivers it to the target endpoint and tracks every attempt.
Event Type
A string identifier like order.created that describes what happened. Used for filtering and routing.
Retry Policy
Configurable per endpoint. Default: 5 attempts with exponential backoff (1s, 2s, 4s, 8s, 16s). After exhaustion, delivery goes to DLQ.
Dead Letter Queue (DLQ)
Where failed deliveries go after all retries are exhausted. You can inspect them and replay with one click.
Why HookSniff?
- Rust — Rust-powered — API and worker built with Axum/Tokio for high performance
- 11 SDK — 11 SDKs — Node.js, Python, Go, Rust, Ruby, Java, Kotlin, PHP, C#, Elixir, Swift
- Standard Webhooks — Standard Webhooks — HMAC-SHA256 signatures, industry-standard format
- Smart routing — Round-robin and failover with fallback URLs
- FIFO — FIFO delivery — Ordered delivery with sequence numbers per endpoint
- Per-endpoint throttling — Token bucket / sliding window to protect customer servers
- Inbound proxy — Receive webhooks from Stripe, GitHub, Shopify through HookSniff
- Embeddable portal — Let your customers manage their own webhook endpoints
- Free tier friendly — Runs entirely on free services ($0/month)
Use Cases
- SaaS platforms — Let customers receive webhook notifications from your product
- E-commerce — Send order updates, payment confirmations, shipping notifications
- CI/CD pipelines — Notify teams about build results, deployments, failures
- Microservices — Decouple services with async event delivery
- Third-party integrations — Connect to Slack, Discord, PagerDuty, or any HTTP endpoint
- Audit and compliance — Track all events and their delivery status for compliance