Doxycannon uses docker to create multiple socks proxies where the upstream internet connections are either VPN connections or Tor nodes

In VPN mode, it takes a pool of OpenVPN files and creates a Docker container for each one. After a successful VPN connection, each container spawns a SOCKS5 proxy server and binds it to a port on the Docker host.

In Tor mode, multiple containers connecioning to the Tor network are stated and can be rotated through, giving you a new egree IP with each request.

Combined with tools like Burp suite or proxychains, this creates your very own (small) private botnet on the cheap.

Password Spraying Blog Post Using DoxyCannon

• VPN Mode

  • A VPN subscription to a provider that distributes *.ovpn files

• Install the required pip modules:

  pip install -r requirements.txt

• Ensure docker is installed and enabled. Refer to the Wiki for installation instructions on Kali/Debian

• proxychains4 is required for interactive mode

• Create an auth.txt file with your ovpn credentials in VPN. The format is:

  username
  password

• Fill the VPN folder with *.ovpn files and ensure that the auth-user-pass directive in your ./VPN/*.ovpn files says auth-user-pass auth.txt

  • Check out this wiki section for installation instructions for individual VPN providers

• Within the VPN folder, you may divide/organize your VPN file into subdirectories and use the --dir flag with the --up or --single commands to only use those configs

  mkdir -p VPN/HMA/US
  mv *.opvn auth.txt VPN/HMA/US
  doxycannon vpn --dir VPN/HMA/US --single

• Alternatively, use the tor subcommand to just spin up tor nodes

  doxycannon tor --nodes 7 --up
  doxycannon tor --single

note: the way proxychains seeds its PRNG to choose a random proxy is not fast enough to ensure each subsequent request goes out through a different IP. You may get between 1-10 requests being made from the same IP. If this is unacceptable, I merged a patch to the original proxychains repo. Download and build from master to get the fix. https://github.com/haad/proxychains

While your containers are up, you can use proxychains to issue commands through random proxies

proxychains4 -q curl -s ipconfig.io/json
proxychains4 -q hydra -L users.txt -p Winter2018 manager.example.com -t 8 ssh

Use the --single flag to create a proxy rotator after bringing up your proxies.

❯❯ ./doxycannon.py [vpn|tor] --up
❯❯ ./doxycannon.py [vpn|tor] --single
[+] Writing HAProxy configuration
[*] Image doxyproxy built.
[*] Staring single-port mode...
[*] Proxy rotator listening on port 1337. Ctrl-c to quit
^C
[*] doxyproxy was issued a stop command
[*] Your proxies are still running.

To see what's happening, checkout out the haproxy folder. Essentially, one is building a layer 4 load-balancer between all the VPNs. This will allow you rotate through your proxies from a single port which means you can point your browsers or BURPSuite instances at it and have every request use a different VPN.

If you want to use a specific proxy, give your utility the proper SOCKS port.

Example: To make a request through Japan, use docker ps and find the local port to which the Japanese proxy is bound.

Configure your tool to use that port:

curl --socks5 localhost:50xx ipconfig.io/json

Once you've built your image and started your containers, run the utility with the --interactive flag to get a bash session where all network traffic is redirected through proxychains4

./doxycannon.py --interactive

pry0cc for the idea

This was originally a fork of pry0cc's ProxyDock. It's been modified to an extent where less than 1% of the original code remains.

• Allow for management of remote doxycannon installs through the Docker API
• Connect to VPN endpoints through TOR when --up --tor is passed
• Interactive mode
• Python management script
• Faster Up/Down Container management
• Dispatch server - (will allow GUI applications to use doxycannon)
• Creates a single local proxy server that dispatches through VPNs