9 Repos
Security tools that mask data packets to mimic standard web activity and bypass network interference.
Distinguishing note: Focuses on packet masking and censorship circumvention rather than general network routing or proxying.
Explore 9 awesome GitHub repositories matching security & cryptography · Traffic Obfuscators. Refine with filters or upvote what's useful.
V2ray-core is a modular network proxy engine designed to manage inbound and outbound traffic through a unified, rule-based processing pipeline. It functions as a background service that operates multiple concurrent network protocols within a single process, allowing for flexible traffic management and the independent handling of diverse communication streams. The project distinguishes itself through a highly decoupled architecture that treats network protocols as swappable modules, enabling the encapsulation of various transport layers into a consistent stream-based model. It features a centr
A security-focused tool that masks data packets to mimic standard web activity and bypass network interference or restrictive filtering.
Streisand is an orchestration system for deploying multi-protocol tunneling services and traffic obfuscation tools designed to circumvent regional network restrictions. It functions as a deployment utility and manager for various VPN and proxy services on remote cloud servers. The system distinguishes itself through a network obfuscation toolkit that wraps traffic in layers to evade deep packet inspection and bandwidth throttling. It automates the setup of multiple protocols, including WireGuard, OpenVPN, Shadowsocks, OpenConnect, OpenSSH, and Tor bridges. The project also includes utilities
Encapsulates traffic within SSL or Shadowsocks layers to mimic standard web activity and bypass network interference.
Trojan is a censorship circumvention tool and TLS proxy server designed to bypass network restrictions by imitating legitimate web services. It functions as a TLS traffic obfuscator that masks proxy activity by mimicking the handshake and data flow of standard HTTPS requests. The system disguises network traffic as common web browsing to avoid deep packet inspection. It achieves this by wrapping TCP and UDP data within TLS encryption and forwarding unauthenticated or unauthorized requests to a legitimate destination website to hide the proxy's purpose. The project provides a tunnel that conv
Imitates legitimate web services and HTTPS handshakes to hide proxy activity from deep packet inspection.
Lantern is a network utility designed to provide access to restricted internet content by tunneling traffic through encrypted connections. It functions as a censorship circumvention tool that enables private web browsing and ensures reliable connectivity in environments where standard network access is blocked or monitored. The application employs a decentralized infrastructure that routes data through a network of distributed proxy nodes. To maintain connectivity in the face of interference, it utilizes dynamic proxy discovery and adaptive fallback mechanisms that automatically switch betwee
Wraps network requests in standard protocols to hide traffic patterns from deep packet inspection and restrictive firewalls.
This project is a technical resource and guide for bypassing internet censorship and network restrictions. It provides instructional documentation for configuring proxies and tunnels to circumvent IP blocking and access restricted websites and services. The guides cover the deployment of Shadowsocks, L2TP/IPSec, and SSH tunnels on virtual private servers. It focuses on masking server IP addresses by routing traffic through content delivery networks and using WebSockets to maintain connectivity. Additional technical coverage includes the implementation of SOCKS5 and HTTP proxies, the configur
Ships methods to mask data packets as standard web activity to bypass network interference and censorship.
Amnezia Client is a cross-platform VPN client application and server orchestrator designed to manage secure tunnels and automate the deployment of containerized VPN services on remote self-hosted servers. It functions as a multi-protocol VPN manager that supports various tunneling standards to ensure connectivity across restrictive network environments. The project distinguishes itself through network traffic obfuscation, which disguises VPN traffic as common web protocols or DNS requests to bypass deep packet inspection and censorship. It further enables the automation of remote server admin
Disguises VPN traffic as standard web activity to evade deep packet inspection and network censorship.
naiveproxy is a censorship circumvention tool and traffic obfuscation proxy. It functions as an HTTP/2 transport proxy that tunnels SOCKS5 traffic over HTTP/2 to hide network activity and bypass network blocks. The project distinguishes itself by mimicking standard web browser requests to evade deep packet inspection. It employs traffic camouflage techniques such as redirecting unauthorized probing requests to decoy web servers and using randomized packet padding to defeat length-based traffic analysis. The software provides a local SOCKS5 proxy endpoint, credential-based request authenticat
Hides proxy connections by mimicking standard web browser activity to bypass deep packet inspection.
Empire is a post-exploitation framework and command and control server designed to manage remote access agents. It provides a centralized system for coordinating these agents and executing specialized scripts across target systems. The project functions as a security evasion tool by adapting network communication patterns to bypass firewalls and monitoring tools. It utilizes a multi-language agent runtime and a modular plugin architecture to execute payloads across different operating systems. The framework covers a broad range of operational capabilities, including remote agent orchestratio
Modifies network traffic to mimic legitimate web activity and bypass security filters.
fhs-install-v2ray is a shell script that automates the deployment of V2Ray, a network proxy tool, on Linux servers. It downloads precompiled binaries and geographic data from a release server, places them into standard Linux filesystem directories, and registers V2Ray as a persistent background service managed by systemd. The script is designed to be idempotent, meaning repeated runs do not overwrite custom configurations, and uninstallation removes all installed files and services completely. The tool distinguishes itself by enforcing a Filesystem Hierarchy Standard (FHS) layout, mapping bin
Obfuscates proxy traffic to resemble standard HTTPS web traffic, hiding the node's true purpose.