Defense Evasion with ProxyChains

by Ricardo Reimao

Network security tools are the most common line of defense in a company. In this course, you will learn how to use ProxyChains to re-route your network traffic and bypass such security tools.

What you'll learn

Virtually every company has at least a firewall solution to prevent hackers from accessing internal servers. As a red team specialist, your job is to simulate a real attack and try to bypass such defense mechanisms. In this course, Defense Evasion with ProxyChains, you will learn how to bypass network defense tools by tunneling the traffic through compromised machines. First, you will explore what network defense evasion is and how ProxyChains can help you to accomplish that. Then, you will see how to obfuscate your real IP address by using ProxyChains and the TOR network. Finally, you will learn how to bypass network segmentation and firewall solutions by using ProxyChains to re-route your traffic through an already compromised machine. This course covers a tactic from the MITRE ATT&CK framework: Network Boundary Bridging (T1599).

Course FAQ

What is ProxyChains?

ProxyChains is a tool that forces any TCP connection made by any given application to go through proxies such as TOR. This allows users to bypass network security measures and evade detection.

What will you learn in this cyber security course?

In this cyber security course, you will learn how to use ProxyChains and TOR to evade network defense tools.

What is TOR?

TOR is free and open-source software for enabling anonymous communication. It directs internet traffic through a free, worldwide, volunteer overlay network that consists of more than seven thousand relays that conceal a user's location and usage from anyone conducting network surveillance.

Who is this course for?

This course is for people who want to learn how to use ProxyChains and TOR to evade network security tools.

What are popular network security tools?

Some popular network security tools are: Wireshark, Metasploit, Nessus, Aircrack, Snort, Cain and Abel, Argus, Nagios, Tcpdump, and Splunk.

About the author

Ricardo is a Cybersecurity Consultant based in Toronto (Canada). He has 14+ years of IT experience, 10 of them in the IT Security field. His main interests are: SIEM solutions (IBM QRadar), Enterprise Security Risk, Penetration Testing, Security processes/procedures and Network Security.
