Hello, welcome back in a recent tutorial (How to Use Metasploit, SEToolkit Without Opening Ports Kali Linux) we worked with Ngrok creating secure introspectable tunnels. Using tunnels while pentesting can be a lot safer using these encrypted tunnels we can expose a local server behind a NAT or firewall to the Internet essentially bypassing restrictions on machines behind strict Firewall rules and NAT restrictions such as mobile hot spots and corporate networks or simply networks networks that have restricted access to default network administration panel. For what ever reason you need to create a secure tunnel the sites below will certainly help they will allow us connect to devices behind firewalls without needing complex network configurations without the need for port forwarding. These services will allow use to use Hacking Tools such as Metasploit and SET (Social Engineers Toolkit) outside of our Local Host Network.
Today I will list the best websites to create secure tunnels for use with pentesting tools and various networking tasks when creating accounts with these services use a disposable email account such as getnada or a similar disposable email provider to help secure your anonymity. All the services below will expose local network applications through HTTPS tunnels with free SSL certificates for authenticated remote access.
One of my Favorites is Ngrok is a multiplatform tunnelling, reverse proxy software that establishes secure tunnels from a public endpoint such as the Internet back to a locally running network service while capturing all traffic for detailed inspection and replay. Visit Official Ngrok Website
Portmap.io was designed to make your life a little easier. while creating tunnels from your localhost IP over the Internet Make your home PC available from Internet without a real IP address. Visit Official Portmap Website
Dataplicity is a remote terminal for your Raspberry Pi the great thing about Dataplicity is that it works with all platforms including Android. You can even connect to devices behind firewalls without needing complex network configurations using Dataplicity. Visit Dataplicity Official Website
beame.io will provide you your very own fully-qualified domain name and your very own free SSL certificate (GlobalSign root CA). This will allow you to tunnel securely over HTTP. You can choose to terminating or not to terminate the Transport-Layer Security (TLS). Expose local network applications through HTTPS tunnels with free SSL certificates for authenticated remote access. Visit Beame.io Official Website
If you enjoyed this article please consider sharing it on social media and with your friends thanks for supporting HackingVision.
- Top 10 Phishing Tools - 10th April 2020
- Distributed Hash Cracking Hashcat Hashtopolis Tutorial - 30th March 2020
- Cracking Password Hashes with Hashcat Rule-based attack - 27th March 2020