ngrok
Featured⚖️ Dual Use · Go
ngrok creates secure tunnels from a public endpoint to a locally running service. It captures all traffic for inspection, replay, and analysis. While designed for legitimate development and testing workflows, ngrok is commonly used in red team operations to exfiltrate data, establish reverse tunnels to C2 infrastructure, and bypass NAT/firewall restrictions. The free tier provides random subdomains; paid plans offer custom domains and IP restrictions.
Installation
$ brew install ngrokUse Cases
- Exposing local dev servers for webhook testing
- Bypassing NAT and firewall restrictions
- Creating reverse tunnels for C2 callbacks
- Traffic inspection and replay during development
- Quick file sharing and data exfiltration
Tags
Details
- Category
- ⚖️ Dual Use
- Language
- Go
- Repository
- inconshreveable/ngrok
Platforms
More in Dual Use
ProxyChains-ng
CForce any TCP connection through SOCKS4/5 or HTTP proxies. Chain multiple proxies for anonymity.
Socat
CMultipurpose relay tool. Bidirectional data transfer between two data channels — sockets, files, pipes, devices.
Rclone
Gorsync for cloud storage. Sync, copy, and mount 70+ cloud providers. Command-line Swiss army knife for cloud data.
GTFOBins
ShellCurated list of Unix binaries that can be used to bypass security restrictions. Living off the land, documented.
LOLBAS
ShellLiving Off The Land Binaries, Scripts and Libraries for Windows. Documenting every Windows binary with offensive potential.
Sysinternals Suite
C/C++Microsoft's advanced system utilities. PsExec, Process Monitor, Autoruns, TCPView — essential for both ops and offense.