PyMultitor - Python Multi Threaded Tor Proxy
Python Multi Threaded Tor Proxy,
Did you ever want to be at two different places at the same time?
When I asked myself this question, I actually started developing this solution in my mind.
While performing penetration tests there are often problems caused by security devices that block the "attacking" IP.
This really annoyed me, so I wrote a script to supply a solution for this problem.
With a large number of IP addresses performing the attacks, better results are guaranteed - especially when attempting attacks to bypass Web Application Firewalls, Brute-Force type attacks and many more.
[Blackhat Asia] https://www.blackhat.com/asia-17/arsenal.html#pymultitor
[Owasp-IL Presentation] https://www.owasp.org/images/3/3d/OWASPIL-2016-02-02PyMultiTorTomerZait.pdf
[DigitalWhisper Article (Hebrew)] http://www.digitalwhisper.co.il/files/Zines/0x2E/DW46-3-PyMultitor.pdf
sudo apt install -y tor
sudo yum install -y tor
sudo dnf install -y tor
{tor-win32-*_path}\Tor
--tor-cmdargument on pymultitor (for example:
pymultitor --tor-cmd "c:\Pentest\Web\tor-win32-0.2.9.9\Tor\tor.exe")
brew install tor
pip3 install pymultitor
You may need to use
sudo, depending on your Python installation.
git clone https://github.com/realgam3/pymultitor.git cd pymultitorInstall python dependencies.
Depending on your setup, one or both of these may require sudo.
pip3 install -r requirements.txt python3 setup.py install
Confirm that everything works
pymultitor --help
Bug reports on installation issues are welcome!
pymultitor --on-string "Your IP Address Blocked".
http://127.0.0.1:8080).
Your IP Address Blockedwill present in the response content, you will exit from another IP address.
See
--helpfor the complete list, but in short:
usage: pymultitor.py [-h] [-v] [-lh LISTEN_HOST] [-lp LISTEN_PORT] [-s] [-a AUTH] [-i] [-d] [-p PROCESSES] [-c CMD] [-e CONFIG] [--on-count ON_COUNT] [--on-string ON_STRING] [--on-regex ON_REGEX] [--on-rst] [--on-error-code ON_ERROR_CODE]Trigger To Change IP Address
--on-count change ip every x requests (resources also counted) --on-string change ip when string found in the response content --on-regex change ip when regex found in The response content --on-rst change ip when connection closed with tcp rst --on-error-code change ip when a specific status code returned