Invoke-PortKnock

PowerShell script that knocks on a given sets of ports. It can optionally take an execute parameter to run a secondary script after the knocking is complete.

It should be noted that using port knocking is not a security measure alone, it is generally used to minimize detections from random bots on the internet. It is easy to figure out a port knocking sequence so make sure that your systems are using security best practices.

Requirements

Variables

Variable	Required	Default	Choices	Description
Knock_Ports	Yes			Object Array for of the sequence of ports that should be knocked - The array must follow the following pattern
Delay	No	200		The time to pause between knocks in milliseconds
Execute	No			Optional command that will be run after the knocking sequence is complete. This is passed directly to a Invoke-Expression command

Knock_Ports Object

Variable	Required	Default	Choices	Description
Destination	Yes			Destination for port knock
Port	Yes			Port to be used for port knock
Protocol	Yes		TCP,UDP	Protocol to be used for the port knock

Example

Simple port knock with a delay of 500ms to avoid issues on a high latency connection

$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Delay 500

Port knock that initiates a RDP connection to a device after the knocking sequence is complete.

$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "mstsc.exe /v:10.1.1.1:3389 /public"

Port knock that initiates a SSH connection to a device after the knocking sequence is complete.

$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "ssh example@10.1.1.1"

License

See LICENSE file for full license information.