Deploy Self hosted interactsh-server for Blind & Out of Band Testing

Takshil Patil
5 min readApr 3, 2022


Previous: Private Burp Collaborator

Note: This article is for ethical and educational purposes only.


Why I needed to build a OOB Testing server

The main reason was to have a way to exfiltrate data using dns. This can not only be used for data exfiltration but also for testing out-of-band and blind testing. use custom domain like name which are generally not blacklisted.

There is a very good and easy to do this. Using a tool called developed by ProjectDiscovery.

You can either use the tool directly using the hosting provided for everyone. Where you can directly start testing.

Or you can use the tool on your private hosting environment to customizing domain and other configuration. This article is relevant for self hosting.

Alternatively, there is an older tool OOB-Server but I will not be showing its deployment, but is very similar to this, simply you need to install this instead of on the server.

Step 1: Create AWS EC2 server — free tier

You need a EC2 server, you can use EC2 free tier or buy EC2 server, whichever works for you. I have used free tier. For the complete steps follow the Main Reference.

Specifications (already there in main reference) :

  • OS : latest ubuntu (free tier)
  • Hardware: t2.micro
  • Disk Space < 30GB
  • hours/month = 750 hours (if you are using only one server then you dont have to worry). Read AWS documentation to understand how “hours” are billed.
  • Validity = 1 year
  • Make sure you select an alert of free tier (this is not mentioned in Main Reference). This will ensure that you will be notified if you are charged additional cost.

Note down your public IPv4 DNS Name:

An Important instruction about this AWS elastic IPs

  • The assigned AWS IP address will change if you reboot or restart the server. This will affect your AWS public dns name, which means your nameserver record of your domain has to be changed. And even after changing all these value and deploying a new burp collaborator server, you may get error while deployment.
  • In this case, (the only way for me that worked was), buy a new domain (free in my case). Map that domain to this new AWS domain name. And now don’t stop the server.

Step 2: Buy Domain Name

Buy using freenom (worked like a charm for me)

Important: Please buy a new domain. Personally, I have faced a lot of problems (time consuming) when you update your existing bought domains.

  • After buying the domain (valid for 1 year) go to the domain setting and click nameserver

Nameserver 1: your_AWS_EC2_public_dns_name

Nameserver 2: (cloudfare)

Now all done one the domain side.

Step 3: Allow the required ports

As you already know, this is not a sensitive server. We will not be using it to save any sensitivities data, it will only be used for validating/checking the out-of-band attacks.

AWS Security Group of your instance.

Step 4: Configuring the interactsh server side on the AWS Ubuntu machine

  • Step 1: Take SSH of your AWS Ubuntu server.
  • Step 2: Update and Upgrade the server
sudo apt update
sudo apt upgrade
  • Step 3: Install go latest version, make sure to configure the PATH environment variable.
  • Step 3: Install interactsh-server
go install -v
  • Step 4: Now run the built file. If you are not able find the file go to ~/go folder.

You need 3 things

  1. You domain, here I have used,
  2. Public IP of the AWS Ubuntu server, say,

Change user to root.

sudo -i

Then run the below command,

interactsh-server -domain -ip -wildcard -sa -ldap

Below is the snippet of the ouput

interactsh server side

Step 5: Verify if your DNS records are updated

If you get result similar to below this means your DNS records are updated.

success screenshot

Step 6: Configuring the interactsh client side on any machine where you want to see your ouput.

We need to install a client where you can see the the hits that we get on the interactsh server. The server is just that does all the work but do not display the output. If you want to display the output you need a interactsh client.

  • Step 1: Install go latest version, make sure to configure the PATH environment variable.
  • Step 2: Install interactsh-client
go install -v
interactsh-client -s -t ga60d6sometauthenticationtoken8939b226501f774a

Step 7: Validate the setup

Now open a browser on any other machine or mobile and visit

In your interactsh-client you should see some new entries as shown below.

success screenshot

If you recieve entries like “Received HTTP interaction” or “Received DNS interaction”

Note: There is one error regarding http register, you can ignore it, as I am using https to register. interactsh-client by itself tried to register to interactsh-server on http.

You can run the below command

Step 8: Stopping the interactsh-server

If find it very useful that I can easily stop the interactsh-server. The OOB-Server tool does not have any easy way to stop or uninstall the setup. I had to delete the AWS instance and re-install again.

To stop simply press Ctrl+C

stopping interactsh-server



Takshil Patil

Learner. Curious about Blockchain Security