Doxycannon takes a pool of OpenVPN files and creates a Docker container for each one. After a successful VPN connection, each container spawns a SOCKS5 proxy server and binds it to a port on the Docker host. Combined with tools like Burp suite or proxychains, this creates your very own private botnet on the cheap.
- A VPN subscription to a provider that distributes *.ovpn files
- Install the required pip modules:
pip install -r requirements.txt
- Ensure docker is installed and enabled. Refer to the Wiki for installation instructions on Kali/Debian
proxychains4is required for interactive mode
- Create an
auth.txtfile with your ovpn credentials in
VPN. The format is:
- Fill the VPN folder with
*.ovpnfiles and ensure that the
auth-user-passdirective in your
- Check out this wiki section for installation instructions for individual VPN providers
./doxycannon.py --buildto build your image with your OVPN files
--buildwill need to be run on code changes or when you modify the
note: the way proxychains seeds its PRNG to choose a random proxy is not fast enough to ensure each subsequent request goes out through a different IP. You may get between 1-10 requests being made from the same IP. If this is unacceptable, I merged a patch to the original proxychains repo. Download and build from master to get the fix. https://github.com/haad/proxychains
One-off, random commands
While your containers are up, you can use proxychains to issue commands through random proxies
proxychains4 -q curl -s ipconfig.io/json proxychains4 -q hydra -L users.txt -p Winter2018 manager.example.com -t 8 ssh proxychains4 -q gobuster -w word.list -h http://manager.example.com
--single flag to bring up your proxies and create a proxy rotator.
hgfs/shared/doxycannon master ❯❯ ./doxycannon.py --single [+] Writing HAProxy configuration [*] Image doxyproxy built. [*] Staring single-port mode... [*] Proxy rotator listening on port 1337. Ctrl-c to quit ^C [*] doxyproxy was issued a stop command [*] Your proxies are still running.
To see what's happening, checkout out the haproxy folder. Essentially, one is building a layer 4 load-balancer between all the VPNs. This will allow you rotate through your proxies from a single port which means you can point your browsers or BURPSuite instances at it and have every request use a different VPN.
Specific SOCKS proxies
If you want to use a specific proxy, give your utility the proper SOCKS port.
Example: To make a request through Japan, use
docker ps and find the local
port to which the Japanese proxy is bound.
Configure your tool to use that port:
curl --socks5 localhost:50xx ipconfig.io/json
Once you've built your image and started your containers, run the utility with
--interactive flag to get a bash session where all network traffic is
redirected through proxychains4
pry0cc for the idea
This was originally a fork of pry0cc's ProxyDock. It's been modified to an extent where less than 1% of the original code remains.
- Allow for management of remote doxycannon installs through the Docker API
- Connect to VPN endpoints through TOR when
--up --toris passed
- Interactive mode
- Python management script
- Faster Up/Down Container management
- Dispatch server - (will allow GUI applications to use doxycannon)
- Creates a single local proxy server that dispatches through VPNs