# Invoke-PortKnock PowerShell script that knocks on a given sets of ports. It can optionally take an execute parameter to run a secondary script after the knocking is complete. It should be noted that using port knocking is not a security measure alone, it is generally used to minimize detections from random bots on the internet. It is easy to figure out a port knocking sequence so make sure that your systems are using security best practices. ## Requirements ## Variables | Variable | Required | Default | Choices | Description | | ----------- | -------- | ------- | ------- | ---------------------------------------------------------------------------------------------------------------------------------- | | Knock_Ports | Yes | | | Object Array for of the sequence of ports that should be knocked - The array must follow the following pattern | | Delay | No | 200 | | The time to pause between knocks in milliseconds | | Execute | No | | | Optional command that will be run after the knocking sequence is complete. This is passed directly to a Invoke-Expression command | ### Knock_Ports Object | Variable | Required | Default | Choices | Description | | ----------- | -------- | ------- | ------- | -------------------------------------- | | Destination | Yes | | | Destination for port knock | | Port | Yes | | | Port to be used for port knock | | Protocol | Yes | | TCP,UDP | Protocol to be used for the port knock | ## Example Simple port knock with a delay of 500ms to avoid issues on a high latency connection ```powershell $Knock_Ports = @( ("10.1.1.1", 36041, "TCP"), ("10.1.1.1", 38097, "UDP"), ("10.1.1.1", 27079, "TCP") ) .\PortKnock.ps1 -Knock_Ports $Knock_Ports -Delay 500 ``` Port knock that initiates a RDP connection to a device after the knocking sequence is complete. ```powershell $Knock_Ports = @( ("10.1.1.1", 36041, "TCP"), ("10.1.1.1", 38097, "UDP"), ("10.1.1.1", 27079, "TCP") ) .\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "mstsc.exe /v:10.1.1.1:3389 /public" ``` Port knock that initiates a SSH connection to a device after the knocking sequence is complete. ```powershell $Knock_Ports = @( ("10.1.1.1", 36041, "TCP"), ("10.1.1.1", 38097, "UDP"), ("10.1.1.1", 27079, "TCP") ) .\PortKnock.ps1 -Knock_Ports $Knock_Ports -Execute "ssh example@10.1.1.1" ``` ## License See LICENSE file for full license information.