Doxycannon A Poormans ProxyCannon & botnet, using docker, ovpn, & Socks5

Doxycannon takes a pool of OpenVPN files and creates a Docker container for each one. After a successful VPN connection, each container spawns a SOCKS5 proxy server and binds it to a port on the Docker host. Combined with tools like Burp suite or proxychains, this creates your very own private botnet on the cheap.

Password Spraying Blog Post Using DoxyCannon


  • A VPN subscription to a provider that distributes *.ovpn files
  • Install the required pip modules: pip install -r requirements.txt
  • Ensure docker is installed and enabled. Refer to the Wiki for installation instructions on Kali/Debian
  • proxychains4 is required for interactive mode


  • Create an auth.txt file with your ovpn credentials in VPN. The format is: username password
  • Fill the VPN folder with *.ovpn files and ensure that the auth-user-pass directive in your ./VPN/*.ovpn files says auth-user-pass auth.txt
    • Check out this wiki section for installation instructions for individual VPN providers
  • Run ./ --build to build your image with your OVPN files
    • --build will need to be run on code changes or when you modify the VPN folder’s contents


note: the way proxychains seeds its PRNG to choose a random proxy is not fast enough to ensure each subsequent request goes out through a different IP. You may get between 1-10 requests being made from the same IP. If this is unacceptable, I merged a patch to the original proxychains repo. Download and build from master to get the fix.

One-off, random commands

While your containers are up, you can use proxychains to issue commands through random proxies

proxychains4 -q curl -s
proxychains4 -q hydra -L users.txt -p Winter2018 -t 8 ssh

GUI Tools

Use the --single flag to bring up your proxies and create a proxy rotator.

❯❯ ./ --single
[+] Writing HAProxy configuration
[*] Image doxyproxy built.
[*] Staring single-port mode...
[*] Proxy rotator listening on port 1337. Ctrl-c to quit
[*] doxyproxy was issued a stop command
[*] Your proxies are still running.

To see what’s happening, checkout out the haproxy folder. Essentially, one is building a layer 4 load-balancer between all the VPNs. This will allow you rotate through your proxies from a single port which means you can point your browsers or BURPSuite instances at it and have every request use a different VPN.

Specific SOCKS proxies

If you want to use a specific proxy, give your utility the proper SOCKS port.

Example: To make a request through Japan, use docker ps and find the local port to which the Japanese proxy is bound.

Configure your tool to use that port:

curl --socks5 localhost:50xx


Once you’ve built your image and started your containers, run the utility with the --interactive flag to get a bash session where all network traffic is redirected through proxychains4

./ --interactive


pry0cc for the idea

This was originally a fork of pry0cc’s ProxyDock. It’s been modified to an extent where less than 1% of the original code remains.


Please follow and like us: