Ligolo-ng is a network tunneling framework and control server designed for managing remote agents and coordinating network routing. It functions as a reverse tunneling proxy and a site-to-site VPN tool, utilizing a userland TUN interface to pivot network traffic through remote agents.
The project distinguishes itself by using a TUN interface routing system to forward TCP, UDP, and ICMP traffic through multiple remote agents. It implements a C2 model where a central server manages remote agents to bypass firewall restrictions and provide direct subnet access to isolated networks.
The system covers a broad range of networking capabilities, including multi-hop pivot routing, protocol-agnostic packet encapsulation, and mutual authentication via automated certificate management. It also provides tools for network agent management, persistent route definition, and remote traffic redirection.
