
Overview
For pentesters there is a problem while scanning the vulnerabilites on websites or any system. Usually on “https” site, the system will block your IP address while scanning or scaping website. The solution to bypass block IP address while scanning vulnerabilities is rotating your IP address with proxy. This method will help you bypass the firewall on websites.
With tool called Mubeng you check live proxies and also rotate you IP address. Mubeng is an incredibly fast proxy checker & IP rotator with ease.
Why mubeng?
It’s fairly simple, there is no need for additional configuration.
Mubeng has 2 core functionality:
1. Run proxy server as proxy IP rotation
This is useful to avoid different kinds of IP ban, i.e. bruteforce protection, API rate-limiting or WAF blocking based on IP. We also leave it entirely up to user to use proxy pool resources from anywhere.
2. Perform proxy checks
So, you don’t need any extra proxy checking tools out there if you want to check your proxy pool.
Features
- Proxy IP rotator: Rotates your IP address for every specific request.
- Proxy checker: Check your proxy IP which is still alive.
- All HTTP/S methods are supported.
- HTTP & SOCKSv5 proxy protocols apply.
- All parameters & URIs are passed.
- Easy to use: You can just run it against your proxy file, and choose the action you want!
- Cross-platform: whether you are Windows, Linux, Mac, or even Raspberry Pi, you can run it very well.
Installation
Manual building executable from source code:
▶ git clone https://github.com/kitabisa/mubeng ▶ cd mubeng ▶ make build ▶ (sudo) mv ./bin/mubeng /usr/local/bin ▶ make clean
Burp Suite Upstream Proxy
In case you want to use Mubeng (proxy IP rotator) as an upstream proxy in Burp Suite, acting in-between Burp Suite and mubeng to the internet, so you don’t need any additional extensions in Burp Suite for that.

OWASP ZAP Proxy Chain
It acts the same way when you using an upstream proxy. OWASP ZAP allows you to connect to another proxy for outgoing connections in OWASP ZAP session.
