# klzgrad/naiveproxy

**Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/klzgrad-naiveproxy).**

9,196 stars · 1,013 forks · C++ · BSD-3-Clause

## Links

- GitHub: https://github.com/klzgrad/naiveproxy
- awesome-repositories: https://awesome-repositories.com/repository/klzgrad-naiveproxy.md

## Description

naiveproxy is a censorship circumvention tool and traffic obfuscation proxy. It functions as an HTTP/2 transport proxy that tunnels SOCKS5 traffic over HTTP/2 to hide network activity and bypass network blocks.

The project distinguishes itself by mimicking standard web browser requests to evade deep packet inspection. It employs traffic camouflage techniques such as redirecting unauthorized probing requests to decoy web servers and using randomized packet padding to defeat length-based traffic analysis.

The software provides a local SOCKS5 proxy endpoint, credential-based request authentication, and a proxy auto-configuration server for mobile devices. It includes optimizations for connection latency and network throughput.

The project supports static binary compilation for multiple CPU architectures to facilitate deployment on embedded router hardware and integrates as a background system service on Linux.

## Tags

### Networking & Communication

- [Browser Traffic Mimicry](https://awesome-repositories.com/f/networking-communication/browser-traffic-mimicry.md) — Mimics standard web browser requests using a standard network stack to evade deep packet inspection and censorship. ([source](https://github.com/klzgrad/naiveproxy#readme))
- [HTTP Traffic Camouflaging](https://awesome-repositories.com/f/networking-communication/http-traffic-camouflaging.md) — Mimics standard web browser requests to bypass deep packet inspection and network filters.
- [SOCKS5 Translation](https://awesome-repositories.com/f/networking-communication/http-proxies/socks5-translation.md) — Converts local SOCKS5 proxy requests into an obfuscated HTTP stream for transmission to a remote server.
- [HTTP/2 Tunnels](https://awesome-repositories.com/f/networking-communication/network-infrastructure-routing/network-proxying-tools/network-proxies/udp-tunneling/http-tunnels/http-2-tunnels.md) — Utilizes the HTTP/2 protocol for secure, multiplexed, and obfuscated data transmission tunneling.
- [Traffic Pattern Obfuscation](https://awesome-repositories.com/f/networking-communication/packet-injection-engines/traffic-pattern-obfuscation.md) — Employs randomized packet padding to disguise communication patterns and defeat length-based traffic analysis. ([source](https://github.com/klzgrad/naiveproxy#readme))
- [Packet Length Obfuscation](https://awesome-repositories.com/f/networking-communication/packet-length-obfuscation.md) — Adds randomized padding to packets to prevent traffic analysis based on packet size.
- [Traffic Masking Proxies](https://awesome-repositories.com/f/networking-communication/proxy-servers/traffic-masking-proxies.md) — Camouflages proxy traffic as regular web browser requests to evade deep packet inspection.
- [SOCKS5 Proxies](https://awesome-repositories.com/f/networking-communication/socks5-proxies.md) — Creates a local SOCKS5 proxy endpoint that forwards traffic to a remote server via secure tunnels. ([source](https://github.com/klzgrad/naiveproxy/blob/master/README.md))
- [HTTP/2 Transport Tunnels](https://awesome-repositories.com/f/networking-communication/socks5-proxies/http-2-transport-tunnels.md) — Tunnels SOCKS5 traffic over HTTP/2 to bypass censorship and evade traffic analysis.
- [SOCKS5 Proxy Tunneling Clients](https://awesome-repositories.com/f/networking-communication/socks5-proxies/socks5-proxy-tunneling-clients.md) — Implements a local SOCKS5 proxy client that tunnels application traffic over an obfuscated HTTP/2 stream for DPI evasion. ([source](https://github.com/klzgrad/naiveproxy#readme))
- [Censorship-Resistant Redirections](https://awesome-repositories.com/f/networking-communication/traffic-redirection-tools/censorship-resistant-redirections.md) — Masks the proxy server's presence by redirecting unauthorized probing requests to legitimate external websites.
- [Unauthorized Traffic Redirection](https://awesome-repositories.com/f/networking-communication/unauthorized-traffic-redirection.md) — Redirects unauthorized probing requests to decoy web servers to hide the presence of the proxy service. ([source](https://github.com/klzgrad/naiveproxy/wiki/HAProxy-Setup))
- [Connection and Latency Optimizers](https://awesome-repositories.com/f/networking-communication/connection-and-latency-optimizers.md) — Improves responsiveness for persistent connections by tuning kernel buffer handling and disabling slow-start. ([source](https://github.com/klzgrad/naiveproxy/wiki/Performance-Tuning))
- [Cloaking Proxies](https://awesome-repositories.com/f/networking-communication/proxy-servers/cloaking-proxies.md) — Protects the backend proxy from discovery by routing probing requests through a frontend server. ([source](https://github.com/klzgrad/naiveproxy#readme))

### Security & Cryptography

- [Censorship Circumvention Tools](https://awesome-repositories.com/f/security-cryptography/censorship-circumvention-tools.md) — Enables access to blocked content by routing traffic through decoy servers and obfuscated tunnels.
- [Traffic Obfuscators](https://awesome-repositories.com/f/security-cryptography/traffic-obfuscators.md) — Hides proxy connections by mimicking standard web browser activity to bypass deep packet inspection.
- [Proxy Authentication](https://awesome-repositories.com/f/security-cryptography/proxy-authentication.md) — Provides credential-based authentication to verify users before granting access to the backend proxy service. ([source](https://github.com/klzgrad/naiveproxy/wiki/HAProxy-Setup))

### DevOps & Infrastructure

- [Data Throughput Optimizers](https://awesome-repositories.com/f/devops-infrastructure/data-throughput-optimizers.md) — Maximizes data transfer speeds over high-latency links by adjusting window sizes and congestion control. ([source](https://github.com/klzgrad/naiveproxy/wiki/Performance-Tuning))
- [Embedded Hardware Deployment](https://awesome-repositories.com/f/devops-infrastructure/deployment-management-strategies/execution-platforms-and-targets/hardware-profile-deployments/embedded-hardware-deployment.md) — Provides support for deploying the proxy service on various embedded router architectures. ([source](https://github.com/klzgrad/naiveproxy/wiki/OpenWrt-Support))

### Hardware & IoT

- [Embedded Router Networking](https://awesome-repositories.com/f/hardware-iot/embedded-router-networking.md) — Allows for the installation and operation of proxy services on embedded hardware to secure entire networks.

### Web Development

- [Header-Based Routing](https://awesome-repositories.com/f/web-development/backend-development/request-response-handling/http-utilities/http-header-manipulators/http-request-header-inspectors/header-based-routing.md) — Implements routing logic that forwards requests to a backend or decoy site based on specific HTTP request headers.
