macOS
brew install bouncebacklocal Homebrew formula metadata
brew
Stealth redirector for red team operation security. Version 1.5.3 via Homebrew; verified from local package data.
install
brew install bouncebacklocal Homebrew formula metadata
overview
Stealth redirector for red team operation security
history
BounceBack is a Go-based red-team redirector and reverse proxy for hiding command-and-control, phishing, or other operation infrastructure from scanners and unwanted visitors.
The public repository was created in May 2023. Its README describes BounceBack as a highly customizable reverse proxy with WAF-like filtering, real-time traffic analysis, IP and geolocation rules, domain fronting support, Malleable C2 profile validation, and multiple proxy protocols.
The first GitHub release line began with v1.0.0 in July 2023, followed by 1.4 and 1.5 releases through 2026.
BounceBack appears to be a niche security-operations package rather than a broad platform dependency. Its Homebrew formula gives it a package-manager entry point, while the upstream README directs users to download release archives, edit `config.yml`, and run the `bounceback` binary.
Repository metadata shows meaningful interest for a specialized red-team tool, but its adoption story is still mostly upstream GitHub releases plus the Homebrew package.
Operators configure rules, proxies, and globals in `config.yml`, optionally refresh bundled banned-IP data, and run `bounceback` with a config and log path. The tool supports HTTP(S), DNS, raw TCP, TLS-wrapped TCP, and UDP proxying with rule pipelines.
The practical use case is traffic triage: allow expected operator or target traffic through while rejecting traffic from scanners, security vendors, sandboxes, or requests that fail a configured C2 profile.
For package nerds, BounceBack is interesting as a security tradecraft tool packaged like an ordinary CLI. It shows how red-team infrastructure utilities increasingly ship as small Go binaries with YAML config, release archives, and Homebrew distribution.
security posture
formula declares a Homebrew service.
orange risk · medium confidence · infrastructure
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
config.ymlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
bounceback | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/D00Movenok/BounceBack
install metadata
| Package key | brew:bounceback |
|---|---|
| Version | 1.5.3 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/bounceback |
| Homepage | https://github.com/D00Movenok/BounceBack |
| Repository | https://github.com/D00Movenok/BounceBack |
| Upstream docs | https://github.com/D00Movenok/BounceBack#readme |
| License | MIT |
| Source archive | https://github.com/D00Movenok/BounceBack/archive/refs/tags/v1.5.3.tar.gz |
| Build dependencies | go |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | bounceback |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.