Create a secure tunnel from a custom domain to localhost using Fly and WireGuard.

Overview

Fly Dev Tunnel

Developers commonly use apps like ngrok, localtunnel, or cloudflared to expose a local web service at a publicly-accessible URL. This is useful for developing with HTTPS or sharing a site preview with a colleague or client.

By utilizing Fly, WireGuard, and a reverse proxy, you can achieve something similar with the added benefits of a custom domain and subdomains mapped to specific ports. Best of all, it’s free as long as you stay within Fly’s generous limits.

1. Install flyctl, the Fly command-line utility

Follow the instructions for your OS. After installation, run flyctl auth login to sign up or sign in.

2. Connect to Fly via WireGuard

Install WireGuard for your OS. Next, run flyctl wireguard create to create a WireGuard config. Use the following settings:

Region: dev
DNS name for peer: 
Filename: fly.conf

Note: The default config sets Fly as your DNS resolver. If you don’t need Fly’s internal DNS features, edit fly.conf and comment out the DNS line with a pound sign (#).

Finally, setup the tunnel in WireGuard:

  • On Mac or Windows, open the WireGuard app and click Import Tunnel(s) from File. Once imported, click Activate to connect.
  • On Linux, use the command line.

3. Create the reverse proxy app

Run mkdir tunnel && cd tunnel to create an empty app folder. Run flyctl init to create a fly.toml config file. Use the following settings

App name: 
Select builder: Image
Select image: lukelambert/fly-dev-tunnel
Internal port: 8080

4. Configure the reverse proxy

The reverse proxy is configured using two environment variables:

  • SUBDOMAINS: A comma-separated list in the format subdomain:local_port. An underscore (_) matches the default (catch all) domain.
  • UPSTREAM: The internal hostname of your local machine on the WireGuard network. Use the format your-machine-name._peer.internal with the name chosen in step 2.

Edit fly.toml and add the following lines at the bottom, replacing the values with your own:

[experimental]
  private_network = "true"

[env]
  SUBDOMAINS = "_:8000"
  UPSTREAM = "your-machine-name._peer.internal"

5. Deploy the reverse proxy

Run flyctl deploy. Once the app is deployed, you should have a tunnel from https://your-app-name.fly.dev to port 8000 on your local machine.

6. (Optional) Connect custom (sub)domains

Visit the Apps dashboard and select your app. Under the Certificates section, follow the instructions to add a custom domain. You can also add a wildcard subdomain, but this incurs a monthly fee. To map subdomains to ports, update your fly.toml and re-run flyctl deploy. Example:

[experimental]
  private_network = "true"

[env]
  SUBDOMAINS = "_:8000,app1:9001,app2:9002"
  UPSTREAM = "your-machine-name._peer.internal"

Notes

All traffic is proxied over IPv6, so your web service should bind to an IPv6 address. To take down the tunnel and prevent traffic from reaching your machine, simply deactivate the WireGuard tunnel.

Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary.

Midas ELF64 Injector Description Midas ELF64 Injector is a tool that will help you inject a C program from source code into an ELF64 binary. All you n

midas 20 Dec 24, 2022
exchange-ssrf-rce

Usage python3 .\exchange-exp.py -------------------------------------------------------------------------------- |

Jen 76 Nov 09, 2022
On-demand scanning for container registries

Lacework registry scanner Install & configure Lacework CLI Integrate a Container Registry Go to Lacework Resources Containers Container Image In

Will Robinson 1 Dec 14, 2021
proxyshell payload generate

Py Permutative Encoding https://docs.microsoft.com/en-us/openspecs/office_file_formats/ms-pst/5faf4800-645d-49d1-9457-2ac40eb467bd Generate proxyshell

Evi1cg 63 Nov 15, 2022
Ini membuat tema berbasis bendera Indonesia with Python + Linux.py

tema Ubah Tema Termux Menjadi Linux Ubah Font Termux Jadi Linux dibuat oleh wahyudioputra INSTALL pkg update && pkg upgrade pkg install python pkg ins

wahyudioputra 2 Nov 30, 2021
Yesitsme - Simple OSINT script to find Instagram profiles by name and e-mail/phone

Simple OSINT script to find Instagram profiles by name and e-mail/phone

108 Jan 07, 2023
Data Recovery from your broken Android phone

Broken Phone Recovery a guide how to backup data from your locked android phone if you broke your screen (and more) you can skip some steps depending

v1nc 25 Sep 23, 2022
POC using subprocess lib in Python 🐍

POC subprocess ☞ POC using the subprocess library with Python. References: https://github.com/GuillaumeFalourd/poc-subprocess https://geekflare.com/le

Guillaume Falourd 2 Nov 28, 2022
Get related domains / subdomains by looking at Google Analytics IDs

DomainRelationShips ██╗ ██╗ █████╗ ██╗██████╗ ██║ ██║██╔══██╗ ██║██╔══██╗ ██║ ██║█████

Josué Encinar 161 Jan 02, 2023
A token logger for discord + steals Brave/Chrome passwords and usernames

Backdoor Machine - ❗ For educational purposes only ❗ A program made in python for stealing passwords and usernames from Google Chrome/Brave and tokenl

36 Jul 18, 2021
将hw时信息收集以及简单的漏洞操作步骤简单化

Braised-vegetables 将hw时信息收集以及简单的漏洞扫描操作步骤简单化 使用subfinder(被动子域名爆破收集) subdomain(主动域名爆破) nabbu(端口扫描) httpx(探测目录浏览) crawlergo(360深度爬虫) chorme(谷歌浏览器) xray(漏

19 Nov 15, 2022
A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities

Shodan Quick Recon A Python Tool that uses Shodan API's to perform quick recon for vulnerabilities Configuration You must edit the python code, and in

Black Hat Ethical Hacking 5 Aug 09, 2022
Simulating Log4j Remote Code Execution (RCE) vulnerability in a flask web server using python's logging library with custom formatter that simulates lookup substitution by executing remote exploit code.

py4jshell Simulating Log4j Remote Code Execution (RCE) CVE-2021-44228 vulnerability in a flask web server using python's logging library with custom f

Narasimha Prasanna HN 86 Aug 21, 2022
Trainspotting - Python Dependency Injector based on interface binding

Choose dependency injection Friendly with MyPy Supports lazy injections Supports

avito.tech 3 Jan 26, 2022
Brute-Force-Connected

Brute-Force-Connected Guess the password for Connected accounts the use : Create a new file and put usernames and passwords in it Example : joker:1234

4 Jun 05, 2022
Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)

使用方法&免责声明 该脚本为Apache Flink 目录遍历漏洞批量检测 (CVE-2020-17519)。 使用方法:Python CVE-2020-17519.py urls.txt urls.txt 中每个url为一行,漏洞地址输出在vul.txt中 影响版本: Apache Flink 1

45 Sep 21, 2022
HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures.

HatVenom HatSploit native powerful payload generation and shellcode injection tool that provides support for common platforms and architectures. Featu

EntySec 100 Dec 23, 2022
ProxyShell POC Exploit : Exchange Server RCE (ACL Bypass + EoP + Arbitrary File Write)

ProxyShell Install git clone https://github.com/ktecv2000/ProxyShell cd ProxyShell virtualenv -p $(which python3) venv source venv/bin/activate pip3 i

Poming huang 312 Dec 09, 2022
Security system to prevent Shoulder Surfing Attacks

Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to

Aman Anand 1 Jan 27, 2022
Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method

Enhancing Twin Delayed Deep Deterministic Policy Gradient with Cross-Entropy Method Hieu Trung Nguyen, Khang Tran and Ngoc Hoang Luong Setup Clone thi

Evolutionary Learning & Optimization (ELO) Lab 6 Jun 29, 2022