hideNsneak is an app that assists in managing attack infrastructure for penetration testers. It provides an interface which allows you to rapidly deploy, manage, and take down various cloud services, including:
- VMs, domain fronting, Cobalt Strike servers, API gateways, and firewalls.
hideNsneak: A CLI For Ephemeral Penetration Testing
hideNsneak provides a simple interface that allows penetration testers and system administrators to build ephemeral infrastructure with minimal overhead.
- Proxy through infrastructure
- Deploys C2 redirectors
- Sends and receives files
- Port scanning via
- Remote installations of Burp Collab, Cobalt Strike, Socat, LetsEncrypt, GoPhish, and SQLMap
- Works with teams
hideNsneak Install/Setup (running locally)
Current Limitations and Requirements:
Ubuntu 16.04 Linux.
- Setup on your local system: Linux and Mac only.
- VPS Providers: AWS and Digital Ocean only.
- Make sure that Go is installed and that the GOPATH environment variable is set.
Create a new AWS S3 bucket in us-east-1 and ensure this is not public as it will hold your terraform state. Then go get hideNsneak and run the installation, as follows:
$ go get github.com/rmikehodges/hideNsneak
$ cd $GOPATH/src/github.com/rmikehodges/hideNsneak
$ ./setup.sh
$ cp config/example-config.json config/config.json
Fill in the values:
do_user are required at minimum
- all operators working on the same state must have config values filled in all the same fields
- private and public keys must be the same for each operator
Now you can use the program by running:
$ ./hidensneak [command]
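The setup above asks for a non-public S3 bucket because Terraform state stores resource attributes, including credentials, in plaintext. The following check is an added example, not part of hideNsneak: `state_bucket_findings` is a hypothetical helper that reads the JSON printed by `aws s3api get-public-access-block`, `get-bucket-acl` and `get-bucket-policy-status` for the state bucket, and the sample responses are constructed.

```python
import json

# AWS-defined group URIs that make an ACL grant public.
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
# The four Block Public Access settings; all should be true on a state bucket.
BPA_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def state_bucket_findings(bpa_json, acl_json, policy_status_json=None):
    """Return reasons the bucket could be publicly reachable (empty list = none).

    Pass "" for bpa_json when the bucket has no Block Public Access config.
    """
    findings = []
    bpa = json.loads(bpa_json or "{}").get("PublicAccessBlockConfiguration", {})
    for flag in BPA_FLAGS:
        if bpa.get(flag) is not True:
            findings.append(f"{flag} is not enabled")
    for grant in json.loads(acl_json).get("Grants", []):
        uri = grant.get("Grantee", {}).get("URI")
        if uri in PUBLIC_GROUPS:
            group = uri.rsplit("/", 1)[-1]
            findings.append(f"ACL grants {grant.get('Permission')} to {group}")
    if policy_status_json:
        status = json.loads(policy_status_json).get("PolicyStatus", {})
        if status.get("IsPublic"):
            findings.append("bucket policy is public")
    return findings


# Constructed sample responses (not from a real account).
LOCKED_BPA = json.dumps({"PublicAccessBlockConfiguration": {f: True for f in BPA_FLAGS}})
PRIVATE_ACL = json.dumps({"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "EXAMPLE-OWNER-ID"},
     "Permission": "FULL_CONTROL"}]})
OPEN_ACL = json.dumps({"Grants": [
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"}]})

if __name__ == "__main__":
    print(state_bucket_findings(LOCKED_BPA, PRIVATE_ACL))
    for line in state_bucket_findings("", OPEN_ACL):
        print("FINDING:", line)
```

Any finding means the bucket should be locked down before the first deploy writes state to it.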
To list all available commands, run help. You can also run help after any command to get guidance on what flags to use.
hidensneak instance deploy
hidensneak instance destroy
hidensneak instance list
hidensneak api deploy
hidensneak api destroy
hidensneak api list
hidensneak domainfront enable
hidensneak domainfront disable
hidensneak domainfront deploy
hidensneak domainfront destroy
hidensneak domainfront list
hidensneak firewall add
hidensneak firewall list
hidensneak firewall delete
hidensneak exec command -c
hidensneak exec nmap
hidensneak exec cobaltstrike-run
hidensneak exec collaborator-run
hidensneak socks deploy
hidensneak socks list
hidensneak socks destroy
hidensneak socks proxychains
hidensneak socks socksd
hidensneak install burp
hidensneak install cobaltstrike
hidensneak install socat
hidensneak install letsencrypt
hidensneak install gophish
hidensneak install nmap
hidensneak install sqlmap
hidensneak file push
hidensneak file pull
- _terraform – terraform modules
- _ansible – ansible roles and playbooks
- _assets – random assets for the beauty of this project
- _cmd – frontend interface package
- _deployer – backend commands and structs
- main.go – where the magic happens
You may encounter some terraform errors indicating a resource is not found. In that case you may need to remove the problematic terraform resources, as follows:
$ cd $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform
$ terraform state rm <name of problem resource>
You may also encounter the following error:
Error: configuration for module name here is not present; a provider configuration block is required for all operations
This is usually due to artifacts being left in the state from old deployments. You can remove those artifacts from your state, as follows:
$ cd $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform
$ terraform state rm <module or resource name>
Error: Error locking state: Error acquiring the state lock: ConditionalCheckFailedException: The conditional request failed status code: 400, request id: P7BUM7NA56LQEJQC20A3SE2SOVVV4KQNSO5AEMVJF66Q9ASUAAJG Lock Info: ID: 4919d588-6b29-4aa7-d917-2bcb67c14ab4
If the above error doesn’t go away after another user has finished deploying, it is usually because terraform did not automatically unlock your state after an error. You can fix this by running the following:
$ terraform force-unlock <ID> $GOPATH/src/github.com/rmikehodges/hideNsneak/terraform