Automic VaultAutomic Vault

brew

Install bounceback with Homebrew

Stealth redirector for red team operation security. Version 1.5.3 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install bounceback

local Homebrew formula metadata

overview

Package summary

Stealth redirector for red team operation security

Commands and aliases

  • bounceback

history

Project history and usage

BounceBack is a Go-based red-team redirector and reverse proxy for hiding command-and-control, phishing, or other operation infrastructure from scanners and unwanted visitors.

Project history

The public repository was created in May 2023. Its README describes BounceBack as a highly customizable reverse proxy with WAF-like filtering, real-time traffic analysis, IP and geolocation rules, domain fronting support, Malleable C2 profile validation, and multiple proxy protocols.

The first GitHub release line began with v1.0.0 in July 2023, followed by 1.4 and 1.5 releases through 2026.

Adoption history

BounceBack appears to be a niche security-operations package rather than a broad platform dependency. Its Homebrew formula gives it a package-manager entry point, while the upstream README directs users to download release archives, edit `config.yml`, and run the `bounceback` binary.

Repository metadata shows meaningful interest for a specialized red-team tool, but its adoption story is still mostly upstream GitHub releases plus the Homebrew package.

How it is used

Operators configure rules, proxies, and globals in `config.yml`, optionally refresh bundled banned-IP data, and run `bounceback` with a config and log path. The tool supports HTTP(S), DNS, raw TCP, TLS-wrapped TCP, and UDP proxying with rule pipelines.

The practical use case is traffic triage: allow expected operator or target traffic through while rejecting traffic from scanners, security vendors, sandboxes, or requests that fail a configured C2 profile.

Why package nerds care

For package nerds, BounceBack is interesting as a security tradecraft tool packaged like an ordinary CLI. It shows how red-team infrastructure utilities increasingly ship as small Go binaries with YAML config, release archives, and Homebrew distribution.

Timeline

  • 2023: Public GitHub repository created.
  • 2023: v1.0.0 published on GitHub Releases.
  • 2024: v1.5.0 and v1.5.1 release line continued.
  • 2026: v1.5.3 published.

Related projects

  • Cobalt Strike Malleable C2 profiles are directly relevant because BounceBack validates inbound traffic against Malleable profile rules.
  • Generic reverse proxies and web application firewalls are adjacent infrastructure patterns, though BounceBack applies them to red-team OPSEC.

security posture

Risk level: orange

formula declares a Homebrew service.

Risk classifier

orange risk · medium confidence · infrastructure

Why

  • formula declares a Homebrew service

Signals

  • metadata:service

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Formula metadata declares a service or daemon block.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
config.yml

executables

Installed executables

CommandKindExposureNote
bouncebackcliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version1.5.3
manager updated
local dataok
upstreamcurrent
latest detectedv1.5.3

https://github.com/D00Movenok/BounceBack

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:bounceback
Version1.5.3
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/bounceback
Homepagehttps://github.com/D00Movenok/BounceBack
Repositoryhttps://github.com/D00Movenok/BounceBack
Upstream docshttps://github.com/D00Movenok/BounceBack#readme
LicenseMIT
Source archivehttps://github.com/D00Movenok/BounceBack/archive/refs/tags/v1.5.3.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicedeclared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namebounceback
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • package relationship graph
  • package version freshness
  • package-page enrichment