Add AWS API Gateway IP rotation module

.gitignore

@@ -0,0 +1,3 @@
+venv/
+__pycache__/
+*.pyc

README.md

@@ -28,6 +28,7 @@ See the accompanying [**Blog Post**](blogpost.md) for a fun rant and some cool d
 - Tells you the status of each account: if it exists, is locked, has MFA enabled, etc.
 - Automatic cancel/resume (remembers already-tried user/pass combos in `~/.trevorspray/tried_logins.txt`)
 - Round-robin proxy through multiple IPs with `--ssh` or `--subnet`
+- **AWS API Gateway IP rotation** with `--aws` (each request gets a different source IP)
 - Automatic infinite reconnect/retry if a proxy goes down (or if you lose internet)
 - Spoofs `User-Agent` and other signatures to look like legitimate auth traffic
 - Comprehensive logging
@@ -93,6 +94,28 @@ trevorspray -u bob@evilcorp.com -p 'Welcome123' --delay 5
 trevorspray -u emails.txt -p 'Welcome123' --ssh root@1.2.3.4 root@4.3.2.1
 ```
 
+## Example: Spray with AWS IP rotation (different source IP per request)
+```bash
+# install with AWS support
+pip install trevorspray[aws]
+
+# spray using AWS API Gateway IP rotation (will prompt for AWS keys on first run)
+trevorspray -u emails.txt -p 'Welcome123' --aws
+
+# specify AWS credentials directly
+trevorspray -u emails.txt -p 'Welcome123' --aws --aws-access-key AKIA... --aws-secret-key ...
+
+# use a specific AWS profile
+trevorspray -u emails.txt -p 'Welcome123' --aws --aws-profile myprofile
+
+# limit to specific AWS regions
+trevorspray -u emails.txt -p 'Welcome123' --aws --aws-regions us-east-1 eu-west-1 ap-southeast-1
+
+# clear saved AWS credentials
+trevorspray --aws-clear-creds
+```
+> **Note:** Requires an AWS account with API Gateway permissions. API Gateways are created automatically across multiple regions and cleaned up on exit. Credentials are saved to `~/.trevorspray/aws_config.ini` for future use.
+
 ## Example: Find valid usernames without OSINT >:D
 ```bash
 # clone wordsmith dataset
@@ -195,6 +218,20 @@ Subnet Proxy:
   --subnet SUBNET       Subnet to send packets from
   --interface INTERFACE
                         Interface to send packets on
+
+AWS IP Rotation:
+  Rotate source IP using AWS API Gateway endpoints across multiple regions
+
+  --aws                 Enable IP rotation through AWS API Gateway
+  --aws-regions REGION [REGION ...]
+                        AWS regions to create API Gateways in (default: all available regions)
+  --aws-profile AWS_PROFILE
+                        AWS profile name to use from ~/.aws/credentials
+  --aws-access-key AWS_ACCESS_KEY
+                        AWS access key ID (alternative to --aws-profile)
+  --aws-secret-key AWS_SECRET_KEY
+                        AWS secret access key (alternative to --aws-profile)
+  --aws-clear-creds     Delete saved AWS credentials from ~/.trevorspray/aws_config.ini and exit
 ```
 
 ## Writing your own Spray Modules

pyproject.toml

@@ -17,6 +17,10 @@ trevorproxy = "^1.0.8"
 tldextract = "^5.1.3"
 beautifulsoup4 = "^4.12.3"
 mechanicalsoup = "^1.3.0"
+boto3 = {version = "^1.28.0", optional = true}
+
+[tool.poetry.extras]
+aws = ["boto3"]
 
 [tool.poetry.scripts]
 trevorspray = 'trevorspray.cli:main'

trevorspray/cli.py

@@ -200,16 +200,71 @@ def main():
     subnet_group.add_argument("--subnet", help="Subnet to send packets from")
     subnet_group.add_argument("--interface", help="Interface to send packets on")
 
+    aws_group = parser.add_argument_group(
+        title="AWS IP Rotation",
+        description="Rotate source IP using AWS API Gateway endpoints across multiple regions",
+    )
+    aws_group.add_argument(
+        "--aws",
+        action="store_true",
+        help="Enable IP rotation through AWS API Gateway",
+    )
+    aws_group.add_argument(
+        "--aws-regions",
+        nargs="+",
+        default=None,
+        metavar="REGION",
+        help="AWS regions to create API Gateways in (default: all available regions)",
+    )
+    aws_group.add_argument(
+        "--aws-profile",
+        default=None,
+        help="AWS profile name to use from ~/.aws/credentials",
+    )
+    aws_group.add_argument(
+        "--aws-access-key",
+        default=None,
+        help="AWS access key ID (alternative to --aws-profile)",
+    )
+    aws_group.add_argument(
+        "--aws-secret-key",
+        default=None,
+        help="AWS secret access key (alternative to --aws-profile)",
+    )
+    aws_group.add_argument(
+        "--aws-clear-creds",
+        action="store_true",
+        help="Delete saved AWS credentials from ~/.trevorspray/aws_config.ini and exit",
+    )
+
     try:
         log.info(f'Command: {" ".join(sys.argv)}')
 
         options = parser.parse_args()
 
+        # Handle --aws-clear-creds
+        if options.aws_clear_creds:
+            from .lib.aws_gateway import AWS_CONFIG_FILE
+            if AWS_CONFIG_FILE.exists():
+                AWS_CONFIG_FILE.unlink()
+                log.info(f"Deleted saved AWS credentials from {AWS_CONFIG_FILE}")
+            else:
+                log.info(f"No saved AWS credentials found at {AWS_CONFIG_FILE}")
+            sys.exit(0)
+
         conflicting_options = [options.subnet, options.ssh, options.proxy]
+        if options.aws:
+            conflicting_options.append("aws")
         if conflicting_options.count(None) + conflicting_options.count([]) < 2:
-            log.error("Cannot specify --ssh, --subnet, or --proxy together")
+            log.error("Cannot specify --ssh, --subnet, --proxy, or --aws together")
             sys.exit(1)
 
+        if options.aws:
+            if options.aws_regions:
+                log.info(f"AWS IP rotation enabled in {len(options.aws_regions)} regions")
+            else:
+                log.info("AWS IP rotation enabled in all available regions")
+
         if options.ssh and options.threads:
             log.warning(
                 "When --ssh is specified, one thread is spawned per SSH session. Ignoring --threads"