Ngrok is a reverse proxy. By establishing a secure channel between the public endpoint and the local Web server, the services of the intranet host can be exposed to the external network. Ngok can capture and analyze the traffic on all channels, which is convenient for later analysis and playback, so it can easily assist server program testing.
Reference blog: 10 minutes to teach you to build your own ngrok server.
2. Natapu
Natapp is a domestic toll network penetration tool based on ngrok, which is similar to peanut shell and has a free version, which is better than peanut shell. Free version: available
Fcn [Free Connection] is a fool-like one-click access to private networks. FCN is realized by using public server and data encryption technology: in the IP environment without public network, the LAN segment where the server is located can be accessed transparently on any networked machine. Support a variety of systems, including free version and paid version.
Tutorial: Introduction to Intranet Infiltration Tool FCN
The above are the intranet penetration tools I know, among which I have basically used ngrok-related tools and frp, all of which are similar. Most of them are free to use, but I don't recommend putting these free penetration tools on more important cloud servers, which are vulnerable to attacks. Children, start your infiltration journey.
Detailed introduction of Proxy-Go
Proxy is a high-performance HTTP, HTTPS, WebSocket, TCP, UDP and Socks 5 proxy server implemented by golang, which supports forward proxy, reverse proxy, transparent proxy, intranet penetration, TCP/UDP port mapping, SSH transit, TLS encrypted transmission, protocol conversion and DNS anti-pollution proxy.
characteristic
Chain proxy, the program itself can be used as a first-level proxy, and if a superior proxy is set, it can be used as a second-level proxy or even an N-level proxy.
Communication encryption, if the program is not the first-level agent, and the superior agent is also the program, then the communication with the superior agent can be encrypted, and the low-level tls high-intensity encryption is adopted, which is safe and featureless.
Intelligent HTTP, SOCKS5 proxy will automatically judge whether the visited website is blocked. If it is blocked, it will use the superior proxy (provided that the superior proxy is configured) to visit the website. If the visited website is not blocked, in order to speed up the access, the agent will directly visit the website without using the superior agent.
Black-and-white list of domain names, more freedom to control the way websites visit.
Cross-platform, whether you are a widow, linux, mac or even raspberry pie, you can run the agent well.
Multi-protocol support, supporting HTTP (S), TCP, UDP, WebSocket, Socks 5 agent.
TCP/UDP port forwarding.
Support intranet penetration, and the protocol supports TCP and UDP.
SSH relay, HTTP(S), SOCKS5 proxy support SSH relay, the superior Linux server does not need any server, and a local proxy can surf the Internet happily.
KCP protocol supports, HTTP(S), SOCKS5 agent supports KCP protocol to transmit data, which reduces delay and improves browsing experience.
Integrating external API, HTTP(S) and SOCKS5 proxy authentication function can integrate external HTTP API, which is convenient for controlling proxy users through external systems.
The reverse proxy supports directly resolving the domain name to the ip monitored by the proxy, and then the proxy will help you visit the HTTP(S) website you need to visit.
Transparent HTTP(S) proxy, combined with iptables, can directly forward the outbound traffic in the direction of 80,443 to the proxy of the gateway, and realize an intelligent router proxy without perception.
Protocol conversion can convert an existing HTTP(S) or SOCKS5 proxy into a port that supports both HTTP(S) and SOCKS5 proxies. The converted SOCKS5 proxy does not support UDP function, but supports powerful cascade authentication function.
Customize the underlying encrypted transmission. Http(s)\sps\socks proxy can encrypt tcp data through tls standard encryption and kcp protocol over tcp. In addition, it also supports custom encryption after tls and kcp. In other words, user-defined encryption and tls|kcp can be used together, and AES256 encryption is used internally, and only one password needs to be defined when using.
The bottom layer is effectively compressed and transmitted. Http(s)\sps\socks proxy can encrypt tcp data through custom encryption, tls standard encryption and kcp protocol over tcp, and can also compress the encrypted data, which means that the compression function can combine custom encryption and tls|kcp.
Secure DNS proxy realizes secure and pollution-free DNS query through encrypted communication between DNS proxy server provided by local proxy and superior proxy.
Why do you need these?
When we can't access our services in other places smoothly due to security factors or restrictions, we can establish a secure tunnel through multiple connected proxy nodes to access our services smoothly.
Wechat interface is developed locally to facilitate debugging.
Remote access to intranet machines.
Play LAN games with your friends.
What used to be played only on the local area network can now be played anywhere.
Replace tools such as rapier netcom, fairy IP netcom and peanut shell.