TREVORproxy: randomizes your source IP address to avoid Smart Lockout

TREVORproxy

TREVORproxy is a simple SOCKS proxy that helps avoid Smart Lockout by load-balancing your requests between multiple IP addresses. It accomplishes this with built-in Linux features — no complex OpenVPN setups or strange firewall configurations. You can use this proxy with Burp Suite, your spraying tool of choice, or even your web browser.

Common use cases

• WAF bypass
• Password spraying
• Web scraping

How it works

TREVORproxy has two modes of operation: a Subnet Proxy and an SSH Proxy:

• Subnet Proxy mode uses the AnyIP feature of the Linux kernel to assign an entire subnet to your network interface, and give every connection a random source IP address from that subnet.
  • E.g. if your cloud provider gives you a /64 IPv6 range, you can send your traffic from over eighteen quintillion (18,446,744,073,709,551,616) unique IP addresses.
• SSH Proxy mode combines iptables with SSH’s SOCKS proxy feature (ssh -D) to round-robin packets through remote systems (cloud VMs, etc.)

NOTE: TREVORproxy is not intended as a DoS tool, as it does not “spoof” packets. It is a fully-functioning SOCKS proxy, meaning that it is designed to accept return traffic.

Install

pip install git+https://github.com/blacklanternsecurity/trevorproxy

Use

TREVORproxy Copyright (C) 2021 TheTechromancer