Port Knocking Tool

Port knocking is a procedure to secure the server or server services in networks to protect against unauthorized access. The ports used for communication are initially blocked by the server's firewall. A port knocking daemon monitors incoming SYN packets on the server, which, in the correct order, causes the daemon to make the corresponding blocked port accessible again. As soon as the server service is no longer required, the desired port can be blocked again by sending another sequence of SYN packets.

Port Knocking Tool is a Windows client with graphical user interface (GUI) to send the appropriate order of the SYN packets to the protected server. Both UDP and TCP packets are supported. A console application is also included.


System requirements

  • Windows 7 SP1, 8 or 10
  • .NET Framework 4.7.2


Port Knocking Tool can be downloaded free of charge and used for both private and business purposes. The program is distributed under the terms of the GNU General Public License version 3. The source code will be submitted as soon as possible. Otherwise you can also contact me.

Privacy policy

The program is designed not to collect any private data.

A log function is built in to detect errors. However, this can only be activated by the
user. A text file is only created on a local drive where only the user has access.

When using the update function, the following information is sent to the update
server https://api.epinox.de to offer a potentially available update:
- program name, version, type
- channel
- language code

Additional privacy notes can be found here.



Send: The packet sequence selected in the list is sent to the protected server
Add: A new packet sequence is added to the list
Modify: Make changes to the sequence
Copy: Copy the selected sequence
Remove: The sequence is removed from the list



Delay: Enter the delay time in milliseconds between two IP packets
Save position: The position and size of the main form are saved and restored on startup
Encrypt file: The settings file is encrypted
Inactivity lock time: Lock user interface after the specified time (in seconds)
Check for update: The program checks for new program versions after a specified time (0 = disabled)


Sequence form

Name: Description that appears in the list
Host: Server address
Sequence: Enter the desired sequence
Format: port[:udp or :tcp][, ...]
Example: 7000:udp,8000:udp,9000:udp
Host / Port (Check): Host port to be checked
Delay (Check): Delays checking the port in milliseconds after sending the sequence
Program: Program that is started after the sequence has been sent
Arguments: Program parameters
Delay: Delays program start in milliseconds after sending the sequence
Start after check: Starts the program only if the port to be checked is open



Portable yes|no
ConfigFile Path to the settings file (PortKnockingTool.xml|.epk)


Version 1.4.3 [2024-05-06]

  • New: Force IPv4/6 on name resolution

Version 1.4.2 [2023-09-05]

  • Bugfix: fixed problem with IPv6

Version 1.4.1 [2023-05-28]

  • Removed unneeded PCap
  • Various minor changes

Version 1.4 [2023-05-23]

  • New: Added update function
  • The position and size of the main form can now be saved
  • No more PCap needed for TCP

Version 1.3.1 [2023-01-29]

  • New: Checking the connection after sending the sequence

Version 1.3 [2023-01-23]

  • New: Settings file encryption
  • New: Inactivity lock
  • Real portable version
  • Adjustments to the user interface
  • Some internal adjustments and corrections
  • External libraries updated

Version 1.2 [2020-05-15]

  • Feature: console application added
  • Bugfix: fixed issue when nothing was entered in the sequence form in program delay
  • Design: sequence list is now sorted

Version 1.1 [2020-04-30]

  • Feature: run external program after sending sequence
  • Bugfix: value of delay beween packets is now used
  • Update: PacketDotNet was updated to 1.0.5

Version 1.0 [2020-03-25]

  • first release