Eight excellent open source intranet penetration tools

Intranet penetration (NAT penetration) is a technology that exposes local network services to the Internet. This technology can effectively solve the resource sharing problem in many LANs. By using routing, a computer is turned into a "router" and the public network address is converted into an internal network address, so that the LAN resources can be accessed through the Internet.

Intranet penetration has many application scenarios, such as:

• Remote work: Sometimes you need to work remotely from home and need to access the company's internal servers or resources in the LAN. Remote work can be easily achieved using intranet penetration technology.
• Remote development and debugging: When developing Web applications, it is often necessary to test them on mobile devices. Through intranet penetration technology, the server-side development environment can be exposed to the public Internet, making it easier to debug on mobile devices and improve development efficiency.
• Home server management: We have set up NAS storage, smart home control systems and other devices at home. When we are away from home, we can access the home server securely on the Internet through the intranet and remotely manage data and devices.
• Cloud server access: For cloud servers, sometimes we need to access databases, files or other services. Through intranet penetration, we can directly access the resources inside the cloud server, saving time and cost.
• LAN game connection: Intranet penetration allows multiple devices to play online games in the same LAN. In this way, even if the devices are not in the same network, a virtual LAN can be established through intranet penetration to realize the function of online games.

Although intranet penetration brings a lot of convenience to accessing the LAN through the Internet, intranet penetration technology breaks the boundaries of the intranet and can easily bring various risks to the intranet. In addition, intranet penetration relies on servers on the Internet, which is also a test for network stability. Therefore, it is necessary to comprehensively consider the application scenario and security requirements when using it.

There are many intranet penetration tools, such as Peanut Shell, Ngrok, etc. However, this article mainly recommends some open source internal and external penetration tools to facilitate building private network channels.

1.Fast Reverse Proxy (FRP)

GitHub: https://github.com/fatedier/frp

Documentation: https://gofrp.org/zh-cn/docs/

frp is a fast reverse proxy that allows local servers located behind a LAN or firewall to be exposed to the Internet. It currently supports TCP and UDP, as well as HTTP and HTTPS protocols. This tool enables network requests to be forwarded to internal services via domain names. In addition, FRP also provides P2P connection mode, stream encryption, load balancing, custom domain names and other functions.

FRP is written in Golang, so it supports operating systems such as Linux, Windows, Mac, etc.

2. Localtunnel

GitHub: https://github.com/localtunnel/localtunnel

localtunnel is a tool that can expose local services to the Internet. It is very suitable for browser testing, external API callback services, etc.

Localtunnel-server provides a simple command line interface that is very easy to use for beginners. To use Localtunnel-server, you must first install Node.js and npm on your system. Once started, the Localtunnel client will create a public URL pointing to the local web server.

3. Chisel

GitHub: https://github.com/jpillora/chisel

Chisel is an open source network tunneling solution developed in Golang. It supports multiple protocols such as TCP, HTTP, and WebSockets. Chisel provides a simple command line interface, which makes it easy for developers to get started. It also supports automatic reconnection with the client to ensure stable operation.

Chisel's main advantage is that it is fast, so it supports sending large amounts of data securely and quickly.

4. Rathole

GitHub: https://github.com/rapiz1/rathole

Rathole is an open source tunneling solution written in Rust that also has reverse proxy capabilities. It can establish connections with applications and devices behind NAT firewalls over the Internet.

The unique and outstanding feature of Rathole is its low resource consumption.

5.FastTunnel

GitHub: https://github.com/FastTunnel/FastTunnel

FastTunnel is a high-performance, cross-platform intranet penetration tool. Its main function is to securely expose intranet services to the public network, allowing users or others to access these services from anywhere. Unlike other penetration tools, FastTunnel is committed to providing an intranet penetration framework that is easy to expand and maintain, enabling users to build customized penetration applications according to their needs and add business extension functions. The tool is developed using .Net Core, so it can be deployed on different operating systems, including Windows, Linux, and macOS. This makes FastTunnel a powerful solution for a variety of application scenarios. Whether it is a developer who needs to expose local services remotely or an advanced user who needs to create a custom intranet penetration solution, FastTunnel provides a convenient and high-performance option.

6.sshuttle

GitHub: https://github.com/sshuttle/sshuttle

A transparent proxy server that can be used as a low-cost VPN implementation. It supports SSH forwarding, DNS tunneling, and systems such as Linux and MacOS.

7.Bore

GitHub: https://github.com/ekzhang/bore

Bore is a simple TCP tunneling tool developed in Rust that can expose local ports to remote servers, bypassing standard NAT connection firewalls.

8. Zrok

GitHub: https://github.com/openziti/zrok

Zrok is a next-generation peer-to-peer sharing platform built on OpenZiti. OpenZiti is a programmable zero-trust network, and Zrok is a native application under Ziti. Zrok allows users to share resources under network protocols such as HTTP, TCP, and UDP. Zrok also allows users to share files, web content, and other resources in a peer-to-peer manner.