A fire and forget command-line tool to allow for easy transitions of VPN connections between a pool of AWS machines.

Related tags

Networkingvpn-swapper
Overview

VPN Swapper

A fire and forget command-line tool to allow for easy transitions of VPN connections between a pool of AWS machines.

Dependencies

  • poetry - Recommended installation via pip
  • wireguard-tools - Recommended installation via brew
  • awscli - Recommended installation via brew
  • terraform - Recommended installation via brew

Setup

  1. Make sure to setup an AWS profile in awscli that has the following security policy attached: AmazonEC2FullAccess

  2. Setup a config.json file in ~/.vpn-swapper. An example can be found in config.json.example.

  3. Run the following commands to set up terraform:

cd infra
terraform init
terraform plan -out theplan
terraform apply theplan

NOTE: When running terraform plan -out theplan the variable for ingress ips need to be entered as an array of CIDR block strings. Ex: ["xxx.xxx.xxx.xxx/32"]

Running

Install dependencies:

poetry install

To connect to a VPN (or switch to a new VPN):

poetry run python3 -m vpn_swapper

Shutting Down

To disconnect from all VPN's:

poetry run python3 -m vpn_swapper --terminate

To teardown AWS infrastructure:

terraform destroy

Caveats

The VPN built here is designed for IPv4 only. Make sure to disable IPv6 on any machine you use this on or it will leak

Development

The build tools can be downloaded with

poetry install --dev

The code is linted with flake8, which can be run with

poetry run flake8

The code is tested with pytest, which can be run with

poetry run pytest -v
Owner
Workday
Workday
GitHub Repository
A simple DHCP server and client simulation with python

About The Project This is a simple DHCP server and client simulation. I implemented it for computer network course spring 2021 The client can request

shakiba 3 Feb 08, 2022
This is the code repository for the USENIX Security 2021 paper, "Weaponizing Middleboxes for TCP Reflected Amplification".

weaponizing-censors Censors pose a threat to the entire Internet. In this work, we show that censoring middleboxes and firewalls can be weaponized by

UMD Breakerspace 119 Dec 31, 2022
An HTML interface for finetuning the sync map output from aeneas

finetuneas 3.0 finetuneas is a simple HTML interface for fine tuning sync maps output by aeneas Version 3.0 Easier adjusting time: following cells wil

Firat Özdemir 50 Mar 12, 2022
This is simple script that changes the config register of a cisco router over serial so that you can reset the password

Cisco-router-config-bypass-tool- This is simple script that changes the config register of a cisco router over serial so that you can bypass the confi

James 1 Jan 02, 2022
Automated network configuration backups using Github actions and git-scraping

Network Config Scraper This repository demonstrates the use of Github Actions and git-scraping to build an automated backup solution for network confi

WWT 19 Dec 14, 2022
Python Program to connect to different VPN servers autoatically using Windscribe VPN.

AutomateVPN What is VPN ? VPN stands for Virtual Private Network , it is a technology that creates a safe and encrypted connectionover a less secure n

Vivek 1 Oct 27, 2021
An automatic web reconnaissance tool written in python3.

WebRecon is an automatic web reconnaissance tool written in python3. Provides a command line interaction similar to msfconsole. The Exasmple.py file is provided, and you can write your own scripts yo

prophet 1 Feb 06, 2022
Tripwire monitors ports and icmp to send the admin a message if somebody is scanning a machine that shouldn't be touched

Tripwire monitors ports and icmp to send the admin a message if somebody is scanning a machine that shouldn't be touched

3 Apr 05, 2022
ThorFI: A Novel Approach for Network Fault Injection as a Service

ThorFI: a Novel Approach for Network Fault Injection as a Service This repo includes ThorFI, a novel fault injection solution for virtual networks in

DESSERT research lab (Federico II University of Naples, Italy) 6 Dec 14, 2022
PoC code for stealing the WiFi password of a network with a Lovebox IOT device connected

LoveBoxer PoC code for stealing the WiFi password of a network with a Lovebox IOT device connected. This PoC was is what I used in this blogpost Usage

Graham Helton 10 May 24, 2022
Mass querying whois records using whois tool

Mass querying whois records using whois tool

Mohamed Elbadry 24 Nov 10, 2022
A lightweight python script that can monitor the T-Mobile Home Internet Nokia 5G Gateway for band and connectivity and reboot as needed.

tmo-monitor A lightweight Python 3 script that can monitor the T-Mobile Home Internet Nokia 5G Gateway for band and connectivity and reboot as needed.

61 Dec 17, 2022
Converts from PC formatted MAC addresses (hardware addresses) to Cisco format or vice-versa

MAC-Converter Converts from PC formatted MAC addresses (hardware addresses) to Cisco format or vice-versa Stores the results to a file in the same dir

Stew Alexander 0 Dec 24, 2022
Autopen is a very modular tool that automates the execution of scans during a penetration test.

Autopen Autopen is a very modular tool that automates the execution of scans during a penetration test. A Nmap scan result in the form of an XML file

2 Dec 22, 2021
This script will make it easier to connect to any wireguard vpn config

wireguard-linux-python-script-vpn This script will make it easier to connect to any wireguard vpn config also u will need your wireguard vpn from your

Jimo 1 Sep 21, 2022
Exfiltrate files using the HTTP protocol version ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1)

http-protocol-exfil Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a 1). It uses GET requests so the Blu

Ricardo Ruiz 23 Apr 30, 2022
telnet implementation over TCP socket with python

This a P2P implementation of telnet. This program transfers data on TCP sockets as plain text

10 May 19, 2022
A great python/java dynamic DNS service for NameSilo, with log, email reminder...

English NameSilo DDNS is a DDNS service for NameSilo domain names for home broadband , it can automatically detect IP changes in home broadband

云牧青 77 Dec 28, 2022
Python tutorial for implementing Oxylabs' Residential Proxies with AIOHTTP

Integrating Oxylabs' Residential Proxies with AIOHTTP Requirements for the Integration For the integration to work you'll need to install aiohttp libr

Oxylabs.io 6 Sep 14, 2022
Typhon is a macOS specific payload aimed at targetting Jamf managed devices.

Typhon is a macOS specific payload aimed at targetting Jamf managed devices. This payload can be used to manipulate macOS devices into communicating with a Mythic instance, which acts as a Jamf serve

Mythic Agents 29 Dec 23, 2022