Invoke-PortKnock/README.md

# Invoke-PortKnock

PowerShell script that knocks on a given sets of ports. It can optionally take an execute parameter to run a secondary script after the knocking is complete.

It should be noted that using port knocking is not a security measure alone, it is generally used to minimize detections from random bots on the internet. It is easy to figure out a port knocking sequence so make sure that your systems are using security best practices.

## Requirements

## Variables

|  Variable   | Required | Default | Choices |                                                            Description                                                             |
| ----------- | -------- | ------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------- |
| Knock_Ports | Yes      |         |         | Object Array for of the sequence of ports that should be knocked - The array must follow the following pattern                     |
| Delay       | No       | 200     |         | The time to pause between knocks in milliseconds                                                                                  |
| Execute     | No       |         |         | Optional command that will be run after the knocking sequence is complete. This is passed directly to a Invoke-Expression command |

### Knock_Ports Object

|  Variable   | Required | Default | Choices |              Description               |
| ----------- | -------- | ------- | ------- | -------------------------------------- |
| Destination | Yes      |         |         | Destination for port knock             |
| Port        | Yes      |         |         | Port to be used for port knock         |
| Protocol    | Yes      |         | TCP,UDP | Protocol to be used for the port knock |

## Example

Simple port knock with a delay of 500ms to avoid issues on a high latency connection

```powershell
$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Delay 500
```

Port knock that initiates a RDP connection to a device after the knocking sequence is complete.

```powershell
$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "mstsc.exe /v:10.1.1.1:3389 /public"
```

Port knock that initiates a SSH connection to a device after the knocking sequence is complete.

```powershell
$Knock_Ports = @(
    ("10.1.1.1", 36041, "TCP"),
    ("10.1.1.1", 38097, "UDP"),
    ("10.1.1.1", 27079, "TCP")
)

.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "ssh example@10.1.1.1"
```

## License

See LICENSE file for full license information.
Initial commit 2021-09-12 20:32:09 -06:00			`# Invoke-PortKnock`

			`PowerShell script that knocks on a given sets of ports. It can optionally take an execute parameter to run a secondary script after the knocking is complete.`

Initial commit 2021-09-13 13:43:33 -06:00			`It should be noted that using port knocking is not a security measure alone, it is generally used to minimize detections from random bots on the internet. It is easy to figure out a port knocking sequence so make sure that your systems are using security best practices.`

Initial commit 2021-09-12 20:32:09 -06:00			`## Requirements`

			`## Variables`

Initial commit 2021-09-13 13:43:33 -06:00			`\| Variable \| Required \| Default \| Choices \| Description \|`
			`\| ----------- \| -------- \| ------- \| ------- \| ---------------------------------------------------------------------------------------------------------------------------------- \|`
			`\| Knock_Ports \| Yes \| \| \| Object Array for of the sequence of ports that should be knocked - The array must follow the following pattern \|`
			`\| Delay \| No \| 200 \| \| The time to pause between knocks in milliseconds \|`
			`\| Execute \| No \| \| \| Optional command that will be run after the knocking sequence is complete. This is passed directly to a Invoke-Expression command \|`

			`### Knock_Ports Object`

			`\| Variable \| Required \| Default \| Choices \| Description \|`
			`\| ----------- \| -------- \| ------- \| ------- \| -------------------------------------- \|`
			`\| Destination \| Yes \| \| \| Destination for port knock \|`
			`\| Port \| Yes \| \| \| Port to be used for port knock \|`
			`\| Protocol \| Yes \| \| TCP,UDP \| Protocol to be used for the port knock \|`
Initial commit 2021-09-12 20:32:09 -06:00
			`## Example`

Initial commit 2021-09-13 13:43:33 -06:00			`Simple port knock with a delay of 500ms to avoid issues on a high latency connection`

			```powershell
			`$Knock_Ports = @(`
			`("10.1.1.1", 36041, "TCP"),`
			`("10.1.1.1", 38097, "UDP"),`
			`("10.1.1.1", 27079, "TCP")`
			`)`

			`.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Delay 500`
			```

			`Port knock that initiates a RDP connection to a device after the knocking sequence is complete.`

			```powershell
			`$Knock_Ports = @(`
			`("10.1.1.1", 36041, "TCP"),`
			`("10.1.1.1", 38097, "UDP"),`
			`("10.1.1.1", 27079, "TCP")`
			`)`

			`.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "mstsc.exe /v:10.1.1.1:3389 /public"`
			```

			`Port knock that initiates a SSH connection to a device after the knocking sequence is complete.`

			```powershell
			`$Knock_Ports = @(`
			`("10.1.1.1", 36041, "TCP"),`
			`("10.1.1.1", 38097, "UDP"),`
			`("10.1.1.1", 27079, "TCP")`
			`)`

			`.\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "ssh example@10.1.1.1"`
			```

Initial commit 2021-09-12 20:32:09 -06:00			`## License`

			`See LICENSE file for full license information.`