Our great sponsors
-
wiretap
Wiretap is a transparent, VPN-like proxy server that tunnels traffic via WireGuard and requires no special privileges to run.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Wireproxy can do similar stuff: https://github.com/octeep/wireproxy
(Disclaimer: I am a contributor to Wireproxy)
Vanilla WireGuard doesn't provide a way to run a peer in userspace that can proxy traffic between another peer and an endpoint such as a web server because you need to be privileged to do thinks like work with raw packets. However, https://github.com/WireGuard/wireguard-go is a userspace implementation of WireGuard and has recently incorporated Google's userspace networking stack. This project uses these two userspace tools to "fake" a privileged WireGuard peer that proxies TCP, UDP, and (a small subset of) ICMP. It was written as a pentesting/red team utility for my team but it can also serve as a general makeshift VPN when you don't have privileges on a box you want to proxy through.