pangolin
by fosrl
Pangolin is an identity-aware, zero-trust platform that unifies VPN and reverse proxy capabilities for secure remote access to any resource, anywhere.
Identity-aware VPN and proxy for remote access to anything, anywhere.
Primary Use Case
Pangolin enables organizations and individuals to securely connect to private and public resources remotely, eliminating the need for traditional VPNs or complex network configurations. It's ideal for remote teams, developers needing access to internal services, and anyone seeking a more secure and granular way to manage access to their digital assets.
- Identity-aware remote access
- Zero-trust security model
- Unified VPN and reverse proxy
- Browser-based access to web applications
- Client-based access to private resources
- Secure tunnels for remote networks (site connectors)
- Granular access control
Installation
- Check out the quick install guide for how to install and set up Pangolin.
- Install from the DigitalOcean marketplace for a one-click pre-configured installer.
- Pangolin's identity-aware nature can be leveraged by red teams to simulate sophisticated phishing attacks targeting specific user roles, bypassing traditional network perimeter defenses.
- The 'site connector' feature can be used by red teams to establish persistent C2 channels from compromised internal networks to external infrastructure, mimicking advanced persistent threats.
- Blue teams can use Pangolin's granular access control logs to detect anomalous access patterns and potential insider threats or compromised credentials.
- Purple teams can simulate scenarios where an attacker gains initial access through a vulnerable public-facing application and then uses Pangolin to pivot internally, testing the effectiveness of both the access control and the detection mechanisms.
- Integrate Pangolin logs with SIEM for real-time threat hunting and automated alerting on suspicious remote access activities, such as access from unusual geolocations or at odd hours.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about pangolin. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
vaultwarden
dani-garcia/vaultwarden
Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs
authelia
authelia/authelia
The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™
keepassxc
keepassxreboot/keepassxc
KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.
infisical
Infisical/infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
authentik
goauthentik/authentik
The authentication glue you need.
teleport
gravitational/teleport
The easiest, and most secure way to access and protect all of your infrastructure.