hideNsneak application assists in managing attack infrastructure for penetration testers by providing an interface to rapidly deploy, manage, and take down various cloud services. These include VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls.
hideNsneak provides a simple interface that allows penetration testers to build ephemeral infrastructure — one that requires minimal overhead. hideNsneak can:
deploy
, destroy
, and list
A few disclosures for V 1.0:
Ubuntu 16.04 Linux
.us-east-1
go get github.com/rmikehodges/hideNsneak
cd $GOPATH/src/github.com/rmikehodges/hideNsneak
./setup.sh
cp config/example-config.json config/config.json
./hidensneak [command]
Also ReadDoor404 – Door404 is Open Source Project
hidensneak help
–> run this anytime to get available commandshidensneak instance deploy
hidensneak instance destroy
hidensneak instance list
hidensneak api deploy
hidensneak api destroy
hidensneak api list
hidensneak domainfront enable
hidensneak domainfront disable
hidensneak domainfront deploy
hidensneak domainfront destroy
hidensneak domainfront list
hidensneak firewall add
hidensneak firewall list
hidensneak firewall delete
hidensneak exec command -c
hidensneak exec nmap
hidensneak exec socat-redirect
hidensneak exec cobaltstrike-run
hidensneak exec collaborator-run
hidensneak socks deploy
hidensneak socks list
hidensneak socks destroy
hidensneak socks proxychains
hidensneak socks socksd
hidensneak install burp
hidensneak install cobaltstrike
hidensneak install socat
hidensneak install letsencrypt
hidensneak install gophish
hidensneak install nmap
hidensneak install sqlmap
hidensneak file push
hidensneak file pull
For all commands, you can run --help
after any of them to get guidance on what flags to use.
_terraform
–> terraform modules_ansible
–> ansible roles and playbooks_assets
–> random assets for the beauty of this project_cmd
–> frontend interface package_deployer
–> backend commands and structsmain.go
–> where the magic happensGoogle Domain Fronting
A default security group hideNsneak
is made in all AWS regions that is full-open. All instances are configured with iptables
to only allow port 22/tcp upon provisioning.
If your program starts throwing terraform errors indicating a resource is not found, then you may need to remove the problematic terraform resources. You can do this by running the following:
cd $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform
terraform state rm <name of problem resource>
This resource will need to be cleaned up manually if it still exists.
Error: configuration for module name here
is not present; a provider configuration block is required for all operations
This is usually due to artifacts being left in the state from old deployments. Below are instructions on how to remove those artifacts from your state. If they are live resources, they will need to be manually destroyed via the cloud provider’s administration panel.
cd $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform
terraform state rm <module or resource name>
Error: Error locking state: Error acquiring the state lock: ConditionalCheckFailedException: The conditional request failed status code: 400, request id: P7BUM7NA56LQEJQC20A3SE2SOVVV4KQNSO5AEMVJF66Q9ASUAAJG Lock Info: ID: 4919d588-6b29-4aa7-d917-2bcb67c14ab4
If this does not go away after another user has finished deploying then it is usually due to to Terraform not automatically unlocking your state in the face of errors. This can be fixed by running the following:
terraform force-unlock <ID> $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform
Note that this will unlock the state so it may have an adverse affect on any other writes happening in the state so make sure your other users are not actively deploying/destroying anything when you run this.
Kali Linux 2024.4, the final release of 2024, brings a wide range of updates and…
This Go program applies a lifetime patch to PowerShell to disable ETW (Event Tracing for…
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory…
Across small-to-medium enterprises (SMEs) and managed service providers (MSPs), the top priority for cybersecurity leaders…
The free and open-source security platform SecHub, provides a central API to test software with…
Don't worry if there are any bugs in the tool, we will try to fix…