FireProx – AWS API Gateway Tool to Rotate Source IP

FireProx leverages the AWS API Gateway to create pass-through proxies that rotate the source IP address with every request. Use FireProx to create a proxy URL that points to a destination server and then make web requests to the proxy URL which returns the destination server response!

FireProx – AWS API Gateway to Rotate Source IP

Some of the supported features with this tool are:

  • Rotates IP address with every request
  • Configure separate regions
  • All HTTP methods supported
  • All parameters and URI’s are passed through
  • Create, delete, list, or update proxies
  • Spoof X-Forwarded-For source IP header by requesting with an X-My-X-Forwarded-For header

Changing the source IP will make the blocking based on source IP not effective and attacker may complete required scan without interruptions. IPS or web application firewalls will apply a deny against the attacker source IP for a specific period for example 10 minutes while if attacker rotating the IP for each request this will not affect the scanner.

Use of this tool on systems other than those that you own are likely to violate the AWS Acceptable Use Policy and could potentially lead to termination or suspension of your AWS account. Further, even use of this tool on systems that you do own, or have explicit permission to perform penetration testing on, is subject to the AWS policy on penetration testing.

You can read more and download this tool over here:

Notify of
Inline Feedbacks
View all comments