Native Tor (SOCKS5) Integration with Circuit Rotation

[Bernic777]

Summary

Add native Tor (SOCKS5) support into Katana to enable anonymized, resilient, and stealth-oriented crawling without relying on external proxy chaining.

Problem

Current workflows require manual proxy setup (e.g., torsocks, proxychains) and external circuit rotation. This introduces:

• Operational overhead
• Reduced performance control
• Lack of visibility into IP rotation
• Inefficient scaling for large target lists

Proposal

1. Native Tor Flag

Introduce built-in Tor routing:

--tor

Default endpoint:

socks5://127.0.0.1:9050

Optional override:

--tor-endpoint socks5://127.0.0.1:9050

---

2. Circuit Rotation Support

Allow identity rotation via Tor control port:

--tor-rotate
--tor-rotate-interval 60
--tor-control 127.0.0.1:9051
--tor-control-pass <password>

Expected behavior:

• Trigger NEWNYM signal
• Rotate exit nodes periodically or per request batch

---

3. Integration with Existing Engine

Tor mode should work seamlessly with:

• Rate limiting (-rl)
• Concurrency (-c)
• Parallelism (-p)
• Depth-based crawling (-d)

No breaking changes to current proxy logic.

---

4. Failover Mode (Optional)

--tor-fallback

If Tor is unavailable:

• fallback to direct connection OR
• fallback to user-defined proxy

---

5. Debug Mode

--tor-debug

Expose:

• Current exit IP
• Circuit refresh events
• Connection failures / retries

---

Implementation Direction (Go)

• Use golang.org/x/net/proxy for SOCKS5 dialer
• Abstract transport layer to support dynamic routing
• Connect to Tor ControlPort (9051) for NEWNYM
• Maintain compatibility with existing HTTP client

Pseudo-flow:

if tor_enabled:
    dialer = socks5_dialer(127.0.0.1:9050)
    if rotate_enabled:
        trigger_newnym(interval)
else:
    use_default_transport()

---

Use Cases

• Stealth recon on hardened targets
• Bypassing IP-based rate limiting
• Testing geo-restricted endpoints
• Simulating distributed scanning behavior

---

Expected Impact

• Cleaner workflow (no external tooling required)
• Better anonymity control
• More stable large-scale crawling
• Stronger alignment with real-world recon scenarios

---

Closing

This is a natural extension for advanced recon workflows.
Would significantly level up Katana for serious operators.

Cheers....

Bernic