[ Certified Ethical Hacker v10 ] :: Using ngrok to Set a Trap From Inside NAT

This entry is part 29 of 30 in the series [ Certified Ethical Hacker Training ]

In a lot of hacking examples, the instructor demonstrates a tool like BeEF that requires you to have a website to host the trapping script (for instance, a cookie stealer). They’ll often use a localhost address ( and effectively set a trap for themselves (it’s a demo, after all), without showing you how to use the tool on the open internet.

One good solution is simply to set up a local web service:

python -n SimpleHTTPServer 80

But this is going to be a problem if you’re behind NAT, unless you have access to the router and can set up port forwarding to your trap machine.

Another solution is to use ngrok, a tool designed for exactly these cases.

“ngrok is a reverse proxy that creates a secure tunnel from a public endpoint to a locally running web service. ngrok captures and analyzes all traffic over the tunnel for later inspection and replay.” – https://github.com/inconshreveable/ngrok

The Github version is 1.0, while development has gone closed-source for version 2.