BestHub
Sign in
Information Security 13 min read

Common Intranet Penetration Tools: nps, frp, EW, and ngrok – Features and Usage Guide

This article introduces several widely used intranet penetration tools—including nps, frp, EW, and ngrok—explaining their core principles, key features, and step‑by‑step configuration commands for establishing secure tunnels, proxy services, and remote access to internal resources.

Laravel Tech Community
Laravel Tech Community
Laravel Tech Community
Common Intranet Penetration Tools: nps, frp, EW, and ngrok – Features and Usage Guide

1. nps (Network Proxy Server) is a lightweight, high‑performance intranet penetration proxy written in Go, supporting TCP/UDP forwarding, HTTP/SOCKS5 proxy, P2P, and a web management console.

cd ~
wget https://github.com/ehang-io/nps/releases/download/v0.23.2/linux_amd64_server.tar.gz
tar xzvf linux_amd64_server.tar.gz
cd ~/nps

After extracting, edit conf/nps.conf to set the web interface parameters:

web_host =
web_username = admin
web_password =
web_port = 8080

Configure the bridge port if needed:

#bridge
bridge_type = tcp
bridge_port = 443
bridge_ip = 0.0.0.0

Start the server:

#Mac/Linux
./nps test|start|stop|restart|status
#Windows
nps.exe test|start|stop|restart|status

Client side (NPC) command example:

./npc -server=
:8024 -vkey=
-type=tcp

2. frp (Fast Reverse Proxy) focuses on high‑performance reverse proxy, supporting TCP, UDP, HTTP, HTTPS, and more.

Typical usage to expose RDP:

# frps.ini
[common]
bind_port = 7000
token = abcdefgh

# frpc.ini
[common]
server_addr = x.x.x.x
server_port = 7000
token = abcdefgh

[rdp]
type = tcp
local_ip = 127.0.0.1
local_port = 3389
remote_port = 6000

Start the server and client:

./frps -c ./frps.ini
./frpc -c ./frpc.ini

Similar configurations apply for SSH, custom domain web services, static file sharing, dashboard, encryption/compression, TLS, bandwidth limiting, and port range mapping, all demonstrated with corresponding .ini snippets in the source.

3. EW (EarthWorm) is a portable network penetration tool written in C, providing SOCKS5 proxy and port forwarding.

Key features: lightweight, multi‑level proxy, cross‑platform, SOCKS5 only.

Example commands:

# Forward SOCKS5 server
./ew -s ssocksd -l 1080

# Reverse SOCKS5 server
./ew -s rcsocks -l 1080 -e 8888

# Multi‑level chaining
./ew -s lcx_listen -l 1080 -e 8888
./ew -s lcx_tran -l 1080 -f 127.0.0.1 -g 9999
./ew -s lcx_slave -d 127.0.0.1 -e 8888 -f 127.0.0.1 -g 9999

4. ngrok is a reverse proxy service that creates secure tunnels from a public endpoint to a local web server, also offering traffic inspection and replay.

Typical workflow:

# Register and download ngrok
./ngrok authtoken
# Expose local HTTP service on port 80
./ngrok http 80

Additional examples include authenticated file sharing and exposing a Windows RDP port:

# File sharing with auth
ngrok http -auth="user:password" file:///Users/alan/share
# Expose RDP
ngrok tcp 3389

For more commands and options, refer to the official documentation at https://ngrok.com/docs.

information securityfrpIntranet Penetrationnpsnetwork tunnelingNgrok
Laravel Tech Community
Written by

Laravel Tech Community

Specializing in Laravel development, we continuously publish fresh content and grow alongside the elegant, stable Laravel framework.

0 followers
Reader feedback

How this landed with the community

login Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment