Skip to content

Latest commit

 

History

History
51 lines (32 loc) · 2.94 KB

README.md

File metadata and controls

51 lines (32 loc) · 2.94 KB
description
OpSec is everything

🌩 Covert Cloud Infrastructure

Operational Security Considerations

  • Connect to VPN before Tor
  • When using Tor, we need to be aware that the VPN IP address will be visible, not our actual external IP address
  • This way your ISP is entirely unknowing of your usage of Tor
  • Connect to VPS after Tor -- Only the VPS will see our exit node IP address obtained from Tor

Topology

Original IP Address -> Connect to VPN -> Connect to Tor -> SSH into VPS over Tor

  • In the event that the VPS is compromised, the attacker will not be able to trace your IP address back to you due to all of the obfuscation techniques in play

The Setup

The infrastructure will consist of a multitude of technologies where we can establish a layered-security approach. Ultimately, we will SSH into or utilize proxychains with our command syntax to route all traffic through our server as a proxy. I want to create a VPN concentrator as well as a proxy for us to route all of our traffic through.

I am still up in the air on weather or not we should utilize Tor.

Keep in mind that a VPN will ACTIVELY encrypt all communications whereas a proxy will not.

  • These servers will provide us with a reliable and stable gateway to our attack infrastructure
  • We would SSH into the server after ensuring our VPN or Tor connection has been established
  • Store necessary tools on the server to ensure proper OpSec and that nothing can be locally traced back to us in any way

OpSec Checklist

  1. Connect to VPN
  2. Conduct DNS Leak Test and be sure to curl ifconfig.me to ensure that your IP is that of the VPN you are connecting to
  3. SSH into the attack infrastructure
  4. Begin operating

Choosing Providers

I noticed that when it comes to security/privacy, there's always pro's and cons; choosing a cloud provider can come down to a bitter trade off of supporting much more anonymous cryptocurrency payment options or the ease of automation.

Cloud Providers some additional options (Although expensive):

  • BitLaunch – Bitcoin payments and spawns servers on DigitalOcean/Linode
  • Bithost – Similar

VPN Providers: