quality of life - ttpreport/ligolo-mp GitHub Wiki

Automated TUN management

You don't need to worry about lower level networking primitives - the underlying TUN manipulation is taken care of by Ligolo-mp server. So you can focus on the more practical things like declarative definition of routes that will be translated into correct TUN(s) configuration automatically.

Persistent agent configuration

Once configured - always configured: the server saves the state and binds it to a compromised machine. Even if you lose your agent and regain control later on and run another agent on the same machine - it will be correctly mapped to the same configuration and and it will be applied automatically.

Furthermore, you can continue configuring agent's routes and redirectors even when it's offline - the state will be synchronized once it's back online.

Flexible loopback routing

You don't need port forwarding anymore, you don't even need to use any "special" IPs to access local services of the compromised machine: you can mark any route as loopback and it will address local network interface of the machine that is running the agent.

Proxy support

In enterprise environment, most of the time, internal (LAN) machines can reach outside network only through a proxy - usually, it's HTTP-CONNECT and in some cases it can be SOCKS. In any case, Ligolo-mp agent supports both - you can either tell it to completely ignore any system proxy configuration and try to reach your target address directly, or you can tell agent to pick it up from system environment; and you also can configure a specific proxy you want an agent to use.

At-a-glance visibility and ease of use

Even a simple graphical interface is usually easier to use than fiddling with cli parameters and flags, but what is more important and is the main reason to mess with a GUI - easy way of assessing the current state of affairs: which pivots are up and what networks are available for operators, which are dead and for how long, which routes aren't available anymore because of that and so on. All of it in a single terminal window that you can pin as a dashboard.

Next steps

Of course, there's always a "but": to learn more, please continue to caveats overview.