Ready to Start Your Career?

Question About Being Anonymous Online During A Pentest

Author's profile image

January 1, 2016

Hey guys, hope you're all staying busy. I know I am. After the OSCP continuing with eLearnSecurity Practical Network Defense and Web Application Pentesting, Cybrary, Udemy and a lot more other stuff. During my studies a question came up about staying anonymous on the Internet. So I know that an IP address has to be given to the client/customer, which is the IP address you will be doing the pentest from, but if you don't want to give that away (because it's your home IP) or the IP address changes (of course, you can use a DDNS such as, but you end up using some VPN IP address to stay anonymous online, some of these make it very hard to open one or more ports online, then what do you guys do? What VPN service do you use? Of course, I can google these things up, but I am sure there are pentesters here that can give a good advice or share a common practice. Thanks guys! I use Proxychains and TOR with 2 socks5 proxies chained at the end. MyBox-->TOR-->Proxy01-->Proxy02-->Interwebs It works. :) Right, so you are using several layers to connect to the Internet, but then how do you program your reverse shells to call your box? What solutions do you use, that allows you to open several ports and still remain anonymous?
Schedule Demo