enum.run :: Local Tunneling Service Documentation


This service is a simpler version of ngrok, a utility which exposes a local HTTP application to the Internet.

There's no extra code running behind the scenes, just a small tweak to a nginx configuration file and a wildcard certificate. We will port foward our local http server through ssh to connect a double reverse proxy.

After reading this guide you will be able to spin up a public url for a demo of a web application.


You can skip to port fowarding if you're familiar with spinning up localhost applications or already have one running.

If you haven't already, spin up an http server on your local machine. If you've never done this, you can use python:

$ python -m http.server LOCAL-PORT

For older versions of python you can type:

$ python -m SimpleHTTPServer LOCAL-PORT

Choose any registered ports (1024 - 48151) on your local box, if you omit the port the default will be 8000.

You should see a message:

Serving HTTP on port <LOCAL-PORT>

Point your browser to localhost:LOCAL-PORT

You will either see the directory from where you invoked the server, or you will see a webpage if there's an index.html file.

What you see in the browser is what will be tunneled and viewable to the Internet. Be careful.

Port Fowarding

Unlike ngrok, the subdomain for our public url is not dynamically generated. Instead you choose it.

The subdomain will be a number between 8300 - 8600 inclusive. These are the designated tunneling ports for this service, and the one you choose will correspond with the SERVER-PORT.

There's a small chance the one you pick is being occupied, but since this service is only for short term demos, it's not very likely.

The following command is recommended to be ran in a tmux session, since you will be dropped into a jailed shell anyways. More importantly, you should understand you're binding your local port to the server's port.

$ ssh -4R SERVER-PORT:localhost:LOCAL-PORT guest@SERVER-PORT.tun.enum.run

Your ssh client will warn you it can't establish the authenticity of the new host. Just type yes to continue connecting. The password should be displayed in the banner.

To reiterate, this is a jailed shell. You have almost no permissions as the guest user. At this point you can detatch your tmux session, or be a caveman and leave the terminal window open somwhere on your desktop.

Joking apart, this is just a means to port foward without the hassle of collecting stranger's keys.

View your Local Service Publically

The public url is: https://SERVER-PORT.tun.enum.run

If you're sharing this url, make sure you prefix the domain with 'https://'. For example, 8301.tun.enum.run will not redirect to https in some cases. To play it safe, manually tell it to use tls. This is still a work in progress.

As soon as the ssh tunnel is disconnected, or the localhost service is interrupted, the url will return a 502 Bad Gateway error and you will need to rerun the ssh command.

Screenshot Demo