TunnelX is a lightweight ingress tunneling tool designed to create a secure SOCKS5 proxy server for routing network traffic. TunnelX is created for enabling internal network scanning from the ProjectDiscovery platform, ensuring a seamless and isolated connection.
- Secure network ingress via SOCKS5 proxy.
- Authenticated connections using your ProjectDiscovery API key.
- Isolated traffic routing for internal scanning and discovery.
TunnelX creates secure ingress tunnels using your ProjectDiscovery API key, enabling isolated internal scanning via a SOCKS5 proxy.
You can run TunnelX on different networks by specifying unique network names. This allows you to scan multiple networks independently, with each connection appearing as a selectable option in the network dropdown menu on the ProjectDiscovery Scans page.
-
Run the Docker image:
docker run --network host -d -e PDCP_API_KEY="your_api_key" projectdiscovery/tunnelx:latestReplace
your_api_keywith your ProjectDiscovery API key. -
Alternatively, build and run locally:
docker build . -t tunnelx docker run --network host -d -e PDCP_API_KEY="your_api_key" tunnelx
-
Install and run:
go install github.com/projectdiscovery/tunnelx@latest export PDCP_API_KEY="your_api_key" tunnelx
-
Run directly from source:
git clone https://github.com/projectdiscovery/tunnelx.git cd tunnelx export PDCP_API_KEY="your_api_key" go run .
-
Run as a systemd service: If you want to run TunnelX under systemd:
- Update the deployment/systemd/tunnelx.service file - Set Environment="PDCP_API_KEY=your_api_key_here"
- Add your username under ExecStart=, User= and set WorkingDirectory= to the TunnelX directory in deployment/systemd/tunnelx.service file.
- Copy, execute and enable the service:
sudo cp deployment/systemd/tunnelx.service /etc/systemd/system/tunnelx.service sudo systemctl daemon-reload sudo systemctl enable tunnelx sudo systemctl start tunnelx sudo systemctl status tunnelx
-
After successful connection, navigate to ProjectDiscovery Scans to create and manage scans using the established connection.
| Flag | Description |
|---|---|
-auth |
Your ProjectDiscovery API key (required). |
-name |
(Optional) Specify a custom network name. Default is your machine’s hostname. |
Example:
tunnelx -auth <your_api_key> -name <custom_network_name>Output Example:
tunnelx -auth <your_api_key>
[INF] Session established. Leave this terminal open to enable continuous discovery and scanning.
[INF] Your network is protected—connection isolated and not exposed to the internet.
[INF] To create a scan, visit: https://cloud.projectdiscovery.io/scans
[HELP] To terminate, press Ctrl+C.Running in the Background
To keep tunnelx running continuously in the background, follow these instructions based on your operating system:
# Linux & MacOS
nohup tunnelx -auth <your_api_key>
# Windows
start /B tunnelx -auth <your_api_key>
