Boomerang - A Tool To Expose Multiple Internal Servers To Web/Cloud


[![](https://1.bp.blogspot.com/-BvyNfPJMZBs/YFfV0nsU1EI/AAAAAAAAVto/DnRkdlcBAWsJOXBlHzvglbQPSqkQY2J8ACNcBGAsYHQ/w640-h260/Boomerang_2_Boomerang_v0.png)](<https://1.bp.blogspot.com/-BvyNfPJMZBs/YFfV0nsU1EI/AAAAAAAAVto/DnRkdlcBAWsJOXBlHzvglbQPSqkQY2J8ACNcBGAsYHQ/s2351/Boomerang_2_Boomerang_v0.png>) Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports on the Cloud. One will be where tools like proxychains can connect over socks, another will be for the agent to connect. The agent can be executed on any internal host. The agent will connect to the server and listen for any connection that can be forwarded to internal machine like a socks server. A more detailed information can be found in the image below. Features like authentication are in [pipeline](<https://www.kitploit.com/search/label/Pipeline> "pipeline" ) and will be added soon. Agent & Server are pretty stable and can be used in [Red Team](<https://www.kitploit.com/search/label/Red%20Team> "Red Team" ) for Multiple levels of [Pivoting](<https://www.kitploit.com/search/label/Pivoting> "Pivoting" ) and [exposing](<https://www.kitploit.com/search/label/Exposing> "exposing" ) services to external/other networks Boomerang Agent & Server support Windows, Linux and Arm architecture Features in Progress: Proxy Authentication (Use IP [Whitelisting](<https://www.kitploit.com/search/label/Whitelisting> "Whitelisting" ) for C2s till then) **[Download Boomerang](<https://github.com/paranoidninja/Boomerang> "Download Boomerang" )**