Active 2024-09-01

Warp Pipe Tester

Network tunnel and port forwarding testing utility for validating connectivity and data exfiltration paths.

networking tunneling port-forwarding python red-team
View on GitHub
Quickstart
Get started instantly
curl -O https://raw.githubusercontent.com/MHaggis/notes/master/utilities/warp_pipe_tester.py && python3 warp_pipe_tester.py

The Problem

Testing network tunnels, port forwards, and data exfiltration paths requires manual setup and validation. Defenders need to understand which tunneling methods work in their environment, and red teams need to quickly identify viable exfiltration channels.

The Solution

Warp Pipe Tester automates the testing of various tunneling and port forwarding techniques, including SSH tunnels, reverse tunnels, SOCKS proxies, and custom protocols. It validates connectivity and measures throughput for each method.

Impact

Helps security teams understand their network egress controls and identify potential data exfiltration paths. Used by both attackers to find working tunnels and defenders to validate network security controls.

Tunneling Methods

SSH Tunneling

  • Local Port Forward - -L tunneling
  • Remote Port Forward - -R tunneling
  • Dynamic Port Forward - SOCKS proxy
  • Jump Host Chains - Multi-hop tunneling

Custom Protocols

  • HTTP tunneling
  • DNS tunneling
  • ICMP tunneling
  • Custom protocol wrapping

Proxy Methods

  • SOCKS4/5 proxies
  • HTTP CONNECT proxies
  • Transparent proxies
  • Chain proxying

Features

Automated Testing

  • Test multiple tunnel types
  • Validate connectivity
  • Measure throughput
  • Detect filtering

Connectivity Validation

  • Port reachability tests
  • Protocol validation
  • Bandwidth measurement
  • Latency testing

Evasion Techniques

  • Protocol obfuscation
  • Traffic shaping
  • Timing randomization
  • Fragmentation

Detailed Reporting

  • Working tunnel methods
  • Blocked protocols
  • Performance metrics
  • Recommendations

Use Cases

Red Team Operations

Identify working data exfiltration channels.

Network Security Assessment

Test egress filtering and DLP controls.

Incident Response

Understand attacker tunneling capabilities.

Security Control Validation

Verify network security controls block tunneling.

Test Scenarios

Basic Connectivity

# Test basic SSH tunnel
test_ssh_tunnel("target.com", 22, "local_port", "remote_port")

SOCKS Proxy

# Test dynamic port forwarding
test_socks_proxy("target.com", 1080)

HTTP Tunnel

# Test HTTP CONNECT tunneling
test_http_tunnel("proxy.com", 8080, "target.com", 443)

Detection Opportunities

The tool helps identify:

  • Unusual SSH connection patterns
  • Long-lived connections
  • High data volume transfers
  • Non-standard ports
  • Protocol anomalies

Network Controls Tested

  • Egress filtering
  • DLP solutions
  • Proxy enforcement
  • Protocol inspection
  • Connection limits

Safe Testing

  • Non-destructive tests
  • Configurable timeouts
  • Bandwidth limits
  • Audit logging
  • Cleanup on exit

Requirements

  • Python 3.6+
  • SSH client (for SSH tunnels)
  • Network connectivity
  • Appropriate permissions

Test your network tunnels

Get Started Report Issue

Related Modules

Active

NEBULA

Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques. Built for red team testing and defense validation.

powershell red-team wmi lolbas +2
View Module → GitHub