• Stars
    star
    1,857
  • Rank 24,974 (Top 0.5 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created almost 6 years ago
  • Updated over 1 year ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

FireProx

Overview

Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required deployment of lots of VPS's. FireProx leverages the AWS API Gateway to create pass-through proxies that rotate the source IP address with every request! Use FireProx to create a proxy URL that points to a destination server and then make web requests to the proxy URL which returns the destination server response!

Brought to you by:

Black Hills Information Security

Maintainer

Benefits

  • Rotates IP address with every request
  • Configure separate regions
  • All HTTP methods supported
  • All parameters and URI's are passed through
  • Create, delete, list, or update proxies
  • Spoof X-Forwarded-For source IP header by requesting with an X-My-X-Forwarded-For header

Disclaimers

  • Source IP address is passed to the destination in the X-Forwarded-For header by AWS
    • ($100 to the first person to figure out how to strip it in the AWS config before it reaches the destination LOL!)
    • Thanks to Fred Reimer for the awesome X-Forwarded-For patch within 1 hour!
  • I am not responsible if you don't abide by the robots.txt :)
  • CloudFlare seems to sometimes detect X-Forwarded-For when blocking scrapers (NEED TO TEST W/ NEW PATCH)
  • Use of this tool on systems other than those that you own are likely to violate the AWS Acceptable Use Policy and could potentially lead to termination or suspension of your AWS account. Further, even use of this tool on systems that you do own, or have explicit permission to perform penetration testing on, is subject to the AWS policy on penetration testing.

Credit

After releasing FireProx publicly, I learned two others were already using the AWS API Gateway technique. Researching the chain of events and having some great conversations, I came to the realization that the only reason I even knew about it was because of these people. I thought it would be cool to give them a few shout-outs and credit, follow these people -- they are awesome.

Credit goes to Ryan Hanson - @ryHanson who is the first known source of the API Gateway technique

Shout-out to Mike Hodges - @rmikehodges for making it public in hideNsneak at BlackHat Arsenal 2018

Major shout-out, once again, to my good friend Ralph May - @ralphte1 for introducing me to the technique awhile back.

Basic Usage

Requires AWS access key and secret access key or aws cli configured

usage: fire.py [-h] [--access_key ACCESS_KEY] [--secret_access_key SECRET_ACCESS_KEY] [--region REGION] [--command COMMAND] [--api_id API_ID] [--url URL]

FireProx API Gateway Manager

usage: fire.py [-h] [--profile_name PROFILE_NAME] [--access_key ACCESS_KEY] [--secret_access_key SECRET_ACCESS_KEY] [--session_token SESSION_TOKEN] [--region REGION] [--command COMMAND] [--api_id API_ID] [--url URL]

FireProx API Gateway Manager

optional arguments:
  -h, --help            show this help message and exit
  --profile_name PROFILE_NAME
                        AWS Profile Name to store/retrieve credentials
  --access_key ACCESS_KEY
                        AWS Access Key
  --secret_access_key SECRET_ACCESS_KEY
                        AWS Secret Access Key
  --session_token SESSION_TOKEN
                        AWS Session Token
  --region REGION       AWS Region
  --command COMMAND     Commands: list, create, delete, update
  --api_id API_ID       API ID
  --url URL             URL end-point
  • Examples
    • examples/google.py: Use a FireProx proxy to scrape Google search.
    • examples/bing.py: Use a FireProx proxy to scrape Bing search.

Installation

You can install and run with the following command:

$ git clone https://github.com/ustayready/fireprox
$ cd fireprox
~/fireprox$ virtualenv -p python3 .
~/fireprox$ source bin/activate
(fireprox) ~/fireprox$ pip install -r requirements.txt
(fireprox) ~/fireprox$ python fire.py

Note that Python 3.6 is required.

Building a Docker image: (Currently does not work on Docker for Windows, possibly due to line endings in entrypoint.sh.)

$ git clone https://github.com/ustayready/fireprox
$ cd fireprox
$ docker build -t fireprox .
$ docker run --rm -it fireprox -h

Screenshots

Usage List Create Delete Demo

Contributing

  1. Create an issue to discuss your idea
  2. Fork FireProx (https://github.com/ustayready/fireprox/fork)
  3. Create your feature branch (git checkout -b my-new-feature)
  4. Commit your changes (git commit -am 'Add some feature')
  5. Push to the branch (git push origin my-new-feature)
  6. Create a new Pull Request

Bug reports, feature requests and patches are welcome.

More Repositories

1

CredSniper

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
HTML
1,310
star
2

CredKing

Password spraying using AWS Lambda for IP rotation
Python
566
star
3

SharpHose

Asynchronous Password Spraying Tool in C# for Windows Environments
C#
306
star
4

python-pentesting

Just a repo of random Python scripts to get pentesters started with the Python language on engagements.
Python
209
star
5

golddigger

Python
180
star
6

CasperStager

PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
C#
146
star
7

cloudgpt

Vulnerability scanner for AWS customer managed policies using ChatGPT
Python
141
star
8

wnfexec

WNF Code Execution Library Using C#
C#
108
star
9

ShredHound

Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
Python
81
star
10

DirectAI

ChatGPT queries via OpenAI API in your terminal
Python
60
star
11

CloudBurst

CloudBurst is a red team framework for interacting with cloud providers to capture, compromise, and exfil data.
36
star
12

roguerdp

33
star
13

outpost

AWS Testing and Reporting Management Tool
Python
20
star
14

android-app-recovery

Scripts to parse large Android binary images and extracts deleted data from apps
Python
13
star
15

mavd

Mobile Application Vulnerability Detection
Python
12
star
16

physical-analyzer-scripts

Cellebrite Physical Analyzer python scripts to aid analysts with extended functionality
Python
8
star
17

googlerecon

Google Recon for Pentesting
Python
6
star
18

pynse

NSE to launch Python Scripts
Python
5
star
19

qrwifi

QRCode Wifi Generator
Python
3
star
20

forensicpy

Library for performing mobile device decoding for nibbles and 7-bit decoding
Python
3
star
21

pyslite

Script for performing SQLite database to Excel workbook conversions
Python
3
star
22

XtoTwitter

JavaScript
2
star
23

polk-sheriff-arrests

Downloads all the arrests from 1990-2017 from Polk County Sheriffs Office
Python
2
star
24

digraph

A digraph plotter for sequential byte visualization
Python
2
star
25

ipsubcon

IP Subnet Converter
Python
1
star
26

stayready.github.io

Personal Github IO Website
HTML
1
star
27

CasperWNF

Simple UI for creating, subscribing, updating, querying, and fuzzing Windows WNF state names.
1
star