algo
by trailofbits
Algo VPN is a set of Ansible scripts that automate the secure setup of a personal WireGuard and IPsec VPN on popular cloud providers.
Set up a personal VPN in the cloud
Primary Use Case
This tool is designed for users who want to quickly deploy a personal VPN server with strong security defaults on cloud platforms or their own Ubuntu servers. It is ideal for privacy-conscious individuals or small teams seeking an easy-to-manage VPN solution without relying on third-party VPN providers.
- Supports IKEv2 with strong cryptography (AES-GCM, SHA2, P-256) for iOS, macOS, and Linux
- Supports WireGuard for iOS, macOS, Linux, Android, and Windows 11
- Generates configuration files and QR codes for easy client setup
- Creates Apple profiles for automatic IPsec configuration on iOS and macOS without client software
- Includes helper scripts to add and remove VPN users
- Optional local DNS resolver to block ads
- Optional setup of limited SSH users for tunneling
- Compatible with multiple cloud providers and Ubuntu servers
Installation
- Set up an account on a supported cloud hosting provider (e.g., DigitalOcean, Amazon Lightsail, EC2, Vultr, Azure, Google Compute Engine, Scaleway, Hetzner Cloud, Linode, or your own Ubuntu server).
- Download the Algo VPN scripts by either downloading the ZIP file or cloning the repository with: git clone https://github.com/trailofbits/algo.git
- Ensure Python 3.10 is installed on your local system.
- On macOS Big Sur (11.0) or higher, install virtualenv with: python3 -m pip install --user --upgrade virtualenv
- If using macOS versions prior to Big Sur, follow the macOS deployment guide to install Python 3.
- On Linux, use the package manager to install Python 3.10 and required dependencies (details in full docs).
Usage
>_ git clone https://github.com/trailofbits/algo.gitClones the Algo VPN repository to your local machine.
>_ python3 -m pip install --user --upgrade virtualenvInstalls or upgrades the Python virtual environment tool required by Algo.
>_ ./algoRuns the Algo setup script to deploy a new VPN server on a supported cloud provider or local Ubuntu server.
- Leverage Algo VPN to create secure, ephemeral VPN environments for red team operations to simulate adversary lateral movement.
- Use Algo's automation to quickly deploy hardened VPN gateways in cloud environments for blue team secure remote access.
- Integrate Algo VPN deployment scripts into security automation pipelines to enforce consistent network security posture.
- Employ the optional DNS resolver feature to block ad and malicious domains, enhancing endpoint security.
- Use Algo's user management scripts to dynamically add/remove VPN users during incident response or purple team exercises.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about algo. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
v2ray-core
v2fly/v2ray-core
A platform for building proxies to bypass network restrictions.
sniffnet
GyulyVGC/sniffnet
Comfortably monitor your Internet traffic 🕵️♂️
setup-ipsec-vpn
hwdsl2/setup-ipsec-vpn
Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
cilium
cilium/cilium
eBPF-based Networking, Security, and Observability
netbird
netbirdio/netbird
Connect your devices into a secure WireGuard®-based overlay network with SSO, MFA and granular access controls.
RustScan
bee-san/RustScan
🤖 The Modern Port Scanner 🤖