Moley the mole

Nice to mole you.

On-demand tunnels with a kill switch.

Expose localhost to the internet — temporarily, intentionally, programmatically. Every tunnel has a TTL. No permanent attack surface.

Get started free Self-host it
# Install (no sudo needed)
$ curl -fsSL nullbore.com/install.sh | sh
# Expose port 3000 for 30 minutes
$ nullbore open --port 3000 --ttl 30m
✓ https://a7f3bc.tunnel.nullbore.com → localhost:3000
# Done? It closes itself. Or close it now.
$ nullbore close a7f3bc

Built for developers who ship

Tunnels that know when to quit.

⏱️ Time-limited by default

Every tunnel gets a TTL. Free tunnels expire after 2 hours. Paid tunnels are persistent by default, or set your own TTL per tunnel. No zombie tunnels.

🔒 TLS everywhere

Every tunnel gets HTTPS automatically via Let's Encrypt. No setup, no certs to manage.

🤖 API-first

Open, close, and manage tunnels via REST API. Built for automation — scripts, bots, CI/CD pipelines.

📊 Dashboard control

See active tunnels, traffic stats, and API keys. Suspend tunnels with one click. Real-time status.

🔄 Auto-reconnect

Client reconnects automatically with exponential backoff. Survives server restarts and network blips.

🏠 Self-hostable

One binary, zero dependencies. Run your own NullBore server. Open source, ELv2 licensed.

👷 Daemon mode

Define tunnels in config.toml, run nullbore daemon, and they stay up. Opens ports on the fly, reconnects automatically. Perfect for always-on services behind NAT.

🛡️ Your data stays yours

Tunnel traffic is encrypted over TLS. We relay raw bytes — we don't inspect or store your payload. Request metadata is available only for your own debugging.

🔌 WebSocket & SSE native

Full WebSocket and Server-Sent Events support out of the box. Run ComfyUI, live dashboards, or streaming APIs through your tunnel — no special config needed.

🧠 Tunnels your AI agent can open — and close

NullBore is built for autonomous agents. The kill switch isn't a feature, it's the design: agents open a tunnel, use it, and the tunnel closes itself. No exposed services left running after the session ends.

MCP server exposure

Give a cloud-hosted agent access to your local MCP server with one command. Idle TTL closes it the moment the agent stops sending requests.

Agent-callable API

Open, list, and close tunnels via plain HTTP. Designed for tool-use loops — no SDK, no auth dance, just a Bearer token.

OpenClaw skill, ready to drop in

The /nullbore skill ships today for OpenClaw agents. Paired with the Docker sidecar, your agent inherits a persistent tunnel and can mint short-lived ones on demand.

Works the same for Claude Code, Cursor, Aider, or any agent that can call HTTP. See the agent integration guide →

Use cases

Click any use case for a step-by-step guide.

Webhook testing Client demos MCP server access Remote home services CI/CD preview deploys Bot-triggered exposure Quick file sharing
Start tunneling →