Skip to content

0nsec/TorShift

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

11 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

TorShift

Advanced Tor-Based Dynamic IP Rotation Framework for authorized security research and penetration testing.

β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•—  β–ˆβ–ˆβ•—β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—
β•šβ•β•β–ˆβ–ˆβ•”β•β•β•β–ˆβ–ˆβ•”β•β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•‘  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•β•β•β•šβ•β•β–ˆβ–ˆβ•”β•β•β•
   β–ˆβ–ˆβ•‘   β–ˆβ–ˆβ•‘   β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—     β–ˆβ–ˆβ•‘   
   β–ˆβ–ˆβ•‘   β–ˆβ–ˆβ•‘   β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•—β•šβ•β•β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•     β–ˆβ–ˆβ•‘   
   β–ˆβ–ˆβ•‘   β•šβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ•‘  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘        β–ˆβ–ˆβ•‘   
   β•šβ•β•    β•šβ•β•β•β•β•β• β•šβ•β•  β•šβ•β•β•šβ•β•β•β•β•β•β•β•šβ•β•  β•šβ•β•β•šβ•β•β•šβ•β•        β•šβ•β•   v2.1.0

Overview

TorShift is a Python-based framework designed for security professionals to perform authorized penetration testing with enhanced anonymity through dynamic IP rotation via the Tor network. The tool provides automatic IP rotation every 5 minutes, comprehensive logging, and OPSEC-focused features for legitimate security research.

asciicast

Key Features

  • Automatic IP Rotation: Built-in 5-minute interval rotation with background monitoring
  • Real-time IP Changes: Seamlessly switches between Tor exit nodes for maximum anonymity
  • Multi-Service IP Verification: Uses multiple services to verify current external IP
  • Comprehensive Logging: Detailed operational logs with timestamps and rotation metrics
  • Interactive Interface: Command-line interface for real-time operations
  • Proxy Integration: ProxyChains4 configuration for external tool integration
  • Security Compliance: Follows security standards (CWE-200, CWE-319, OWASP ASVS)
  • DNS Leak Protection: Built-in DNS leak detection and prevention
  • Circuit Analysis: Detailed Tor circuit path information
  • Automated Operations: Background rotation with configurable intervals (default 5 minutes)

Quick Start

Automatic Setup

# Clone and setup TorShift
git clone https://github.com/0nsec/TorShift.git
cd TorShift
chmod +x setup.sh
./setup.sh

Start Automatic IP Rotation (5 minutes)

# Start auto-rotation with 5-minute intervals
python3 torshift.py --auto-rotate 300

# Or use interactive mode with all features
python3 torshift.py --interactive

Execute Commands Through Rotating Proxy

# Execute nmap through Tor with automatic IP rotation
python3 torshift.py --execute "nmap -sS target.example.com"

# Execute curl to check current IP
python3 torshift.py --execute "curl -s https://httpbin.org/ip"

System Requirements

  • Linux operating system (Ubuntu/Debian recommended)
  • Python 3.7+
  • Tor service
  • ProxyChains4

Installation

1. Install System Dependencies

# Update package list
sudo apt update

# Install Tor and ProxyChains4
sudo apt install tor proxychains4 python3-pip

# Start and enable Tor service
sudo systemctl start tor
sudo systemctl enable tor

2. Configure Tor

Edit Tor configuration file:

sudo nano /etc/tor/torrc

Add the following configuration:

# Control port configuration
ControlPort 9051
HashedControlPassword 16:AEBC98175E7F4A913FD516F2CCAC1B6382F0BB8C44DACFB7BB5AE31F4B
CookieAuthentication 1

# SOCKS proxy
SOCKSPort 9050

# Circuit configuration
NewCircuitPeriod 120
MaxCircuitDirtiness 300
CircuitBuildTimeout 60

# Exit node preferences
ExitNodes {us},{gb},{de},{ca},{au},{se},{nl},{ch}
StrictNodes 0

# Exclude problematic countries
ExcludeExitNodes {cn},{ru},{kp},{ir},{sy},{by}
ExcludeNodes {cn},{ru},{kp},{ir},{sy},{by}

Restart Tor service:

sudo systemctl restart tor

3. Install Python Dependencies

pip3 install -r requirements.txt

4. Verify Installation and Test Auto-Rotation

# Verify all components and see the ASCII banner
python3 torshift.py --verify-install

# πŸ”₯ Start automatic IP rotation (5-minute intervals)
python3 torshift.py --auto-rotate 300

# Interactive mode with full control
python3 torshift.py --interactive

Interactive Mode

Launch the interactive interface:

python3 torshift.py --interactive

Command Line Options

# πŸ”„ Auto-rotation every 5 minutes (recommended)
python3 torshift.py --auto-rotate 300

# 🎯 Single IP rotation
python3 torshift.py --rotate-once

# πŸ–₯️ Interactive mode with all features
python3 torshift.py --interactive

# ⚑ Execute command through rotating proxy
python3 torshift.py --execute "curl -s https://httpbin.org/ip"

# πŸ” Test connectivity through Tor
python3 torshift.py --test-connectivity

# πŸ›‘οΈ DNS leak test
python3 torshift.py --dns-test

# πŸ“Š Generate operational report
python3 torshift.py --generate-report

# 🌍 Exclude specific countries
python3 torshift.py --exclude-countries CN,RU,KP,IR --auto-rotate 300

Integration with Security Tools

TorShift automatically configures ProxyChains for seamless integration:

# Use with nmap (automatic IP rotation in background)
proxychains4 -f /tmp/torshift_proxychains.conf nmap -sS target.example.com

# Use with curl
proxychains4 -f /tmp/torshift_proxychains.conf curl -s https://httpbin.org/ip

# Use with any security tool while IP rotates every 5 minutes
proxychains4 -f /tmp/torshift_proxychains.conf your-security-tool

# Or execute directly through TorShift for automatic proxy configuration
python3 torshift.py --execute "your-security-tool"

OPSEC Guidelines

  • Verify IP rotation between operations
  • Monitor for DNS leaks regularly
  • Use appropriate rotation intervals for your use case
  • Avoid predictable patterns in testing activities
  • Keep detailed logs for compliance purposes

Country Exclusions

The tool automatically excludes exit nodes from high-risk countries by default:

  • China (CN)
  • Russia (RU)
  • North Korea (KP)
  • Iran (IR)
  • Syria (SY)
  • Belarus (BY)

Advanced Configuration

Auto-Rotation Settings

# Configuration via environment variables
export TORSHIFT_ROTATION_INTERVAL=300  # 5 minutes
export TORSHIFT_MAX_ATTEMPTS=3
export TORSHIFT_BLOCKED_COUNTRIES="CN,RU,KP,IR,SY,BY"

# Or use command line options
python3 torshift.py --auto-rotate 300 --exclude-countries CN,RU,KP,IR

Monitoring Rotation Status

# Generate detailed operational report
python3 torshift.py --generate-report

# Expected output includes:
# - Current IP and rotation count
# - Uptime and rotation metrics  
# - Previous IPs used
# - Blocked countries list
# - Auto-rotation status

Environment Variables

  • TOR_CONTROL_PORT: Tor control port (default: 9051)
  • TOR_PROXY_PORT: Tor SOCKS port (default: 9050)
  • TOR_PASSWORD: Tor control password

Log Files

Logs are stored in ~/.torshift/logs/ with timestamps for audit purposes.

Troubleshooting

Common Issues

  1. Tor service not running:

    sudo systemctl status tor
    sudo systemctl start tor
  2. Control port authentication failed:

    • Verify Tor configuration in /etc/tor/torrc
    • Check control port password setup
  3. IP rotation not working:

    • Verify Tor circuits are building properly
    • Check network connectivity
    • Ensure sufficient exit nodes available
  4. DNS leaks detected:

    • Verify DNS configuration
    • Check ProxyChains configuration
    • Ensure system DNS is not bypassing proxy

Standards Compliance

  • CWE-200: Information Exposure Prevention
  • CWE-319: Cleartext Transmission Mitigation
  • OWASP ASVS V9.2.1: Network Communications Security
  • NIST SP 800-115: Information Security Testing Compliance

Author

Developed by 0nsec Security Research Team for the security community. Remember: This tool is for authorized security professionals only. Use responsibly.

β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ•—   β–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•— β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—
β–ˆβ–ˆβ•”β•β–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ•—  β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β•β•β•β–ˆβ–ˆβ•”β•β•β•β•β•
β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β–ˆβ–ˆβ•— β–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—  β–ˆβ–ˆβ•‘     
β–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•‘β•šβ–ˆβ–ˆβ•—β–ˆβ–ˆβ•‘β•šβ•β•β•β•β–ˆβ–ˆβ•‘β–ˆβ–ˆβ•”β•β•β•  β–ˆβ–ˆβ•‘     
β•šβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•”β•β–ˆβ–ˆβ•‘ β•šβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•‘β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—β•šβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ•—
 β•šβ•β•β•β•β•β• β•šβ•β•  β•šβ•β•β•β•β•šβ•β•β•β•β•β•β•β•šβ•β•β•β•β•β•β• β•šβ•β•β•β•β•β•

About

TorShift is a Python-based framework designed for security professionals to perform authorized penetration testing with enhanced anonymity through dynamic IP rotation via the Tor network.

Topics

Resources

Stars

2 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors