Trojan Go

Trojan-go is a network proxy implementation that uses the Trojan protocol to disguise internet traffic as standard TLS to bypass censorship and deep packet inspection. It functions as a tunneling gateway that encapsulates network data within encrypted tunnels to mimic ordinary web browsing.

The project distinguishes itself through advanced obfuscation techniques, including TLS fingerprint mimicry to avoid detection by client signature identification and the use of WebSockets to relay encrypted traffic through content delivery networks. It also supports UDP forwarding through the Trojan protocol to enable non-TCP traffic.

The system includes capabilities for secure network proxying, such as AEAD-based second-layer encryption and database-driven user authentication for quota management. Traffic is managed via rule-based destination routing and TCP connection multiplexing to reduce handshake latency. It further supports transparent proxying by intercepting network traffic at the system level.

Features

Traffic Proxying - Functions as a tunneling gateway that encapsulates network data to bypass internet censorship and hide online activity.
Traffic Disguise Techniques - Encapsulates proxy data within TLS tunnels to disguise network traffic as standard web browsing.
Censorship Bypasses - Utilizes the Trojan protocol to disguise traffic as ordinary web browsing to evade state-level internet censorship.
CDN-Based Obfuscation Relays - Wraps protocol traffic in WebSockets to relay encrypted data through content delivery networks for traffic obfuscation.
CDN Routing Gateways - Acts as a gateway that uses WebSockets to route traffic through CDNs to mask server identity.
Connection Multiplexing - Maps multiple independent TCP streams into a single shared TLS tunnel to eliminate repeated handshake latency.
Proxy Protocol Implementations - Implements the Trojan protocol to disguise network traffic as standard TLS for bypassing deep packet inspection.
Secure Proxy Gateways - Routes internet and UDP traffic through encrypted tunnels to hide online activity and protect user privacy.
CDN Relay Obfuscation - Wraps protocol traffic in WebSockets to relay encrypted data through content delivery networks for obfuscation.
Destination-Based Routing - Directs network requests to be proxied, bypassed, or blocked based on customizable destination rules.
Trojan Protocol Implementations - Uses the Trojan protocol to encapsulate network traffic, disguising it as standard TLS to bypass deep packet inspection.
TLS Fingerprint Impersonators - Impersonates the TLS handshake of specific browsers to evade detection by network fingerprinting systems.
Traffic Obfuscation Suites - Modifies TLS fingerprints and uses CDN relaying to make proxy connections indistinguishable from standard web browsing.
TLS and WebSocket Tunnel Encryption - Functions as a gateway that encapsulates network data within TLS and WebSocket encrypted tunnels to mimic web traffic.
Pluggable Transport Layers - Provides modular interfaces that allow external obfuscation tools to replace the default security layer for data transmission.
Plugin-Based Transport Extensions - Supports the integration of external plugins to implement custom transport protocols and obfuscation methods.
UDP Tunneling - Provides encapsulation and redirection of UDP traffic through the Trojan proxy tunnel.
Quota Management Systems - Provides database-driven authentication and tracks data consumption to enforce traffic quotas for shared proxy resources.
TCP Connection Multiplexers - Multiplexes multiple TCP streams through a single TLS tunnel to improve speed and reduce handshake latency.
Low-Latency Tunneling - Reduces connection latency and overhead by multiplexing multiple TCP streams through a single encrypted TLS tunnel.
AEAD Encrypted Proxies - Implements AEAD ciphers with per-session subkeys to protect proxy data from inspection by untrusted intermediaries.
Multiplexed - Implements a proxy system that carries multiple TCP streams through a single TLS connection to reduce handshake latency.
Transparent Network Proxies - Intercepts network traffic at the system level using network address translation to route packets without client-side configuration.
UDP Proxies - Supports the forwarding of UDP packets through the Trojan protocol to enable non-TCP internet traffic.
AEAD Cipher Implementations - Implements AEAD ciphers like chacha20-poly1305 to provide an additional layer of integrity and authenticity for tunnel traffic.
Traffic Quota Enforcements - Provides database-driven user authentication to enforce data consumption limits and traffic quotas.
Proxy User Managers - Manages multiple proxy users and enforces data consumption limits via an external database.
Rule-Based Routing Systems - Directs network requests to be proxied, bypassed, or blocked based on criteria such as domain, IP, or port.

shadowsocks/shadowsocks-rust

10,729View on GitHub

A Rust port of shadowsocks

daeuniverse/dae

5,876View on GitHub

dae is a high-performance Linux network tool that functions as an eBPF transparent proxy. It intercepts and redirects packets at the kernel level to route internet traffic based on domains, IP addresses, and process names. The project distinguishes itself by modifying TLS handshakes to simulate browser signatures, which prevents server-side detection of proxy traffic. It also implements a full-cone network address translation gateway to maintain stable bidirectional connections and utilizes a latency-based node selector to automatically route traffic through the fastest available proxy nodes.

bol-van/zapret

15,555View on GitHub

Zapret is a deep packet inspection bypass tool and packet manipulation framework designed to circumvent network censorship. It operates as a transparent network proxy and TCP traffic obfuscator that modifies packets to deceive network inspection systems. The project distinguishes itself through advanced desynchronization strategies, including the modification of TLS client hello handshakes and the use of fake packet injection. It utilizes a combination of TCP stream segmentation, sequence overlapping, and TTL adjustment to hide prohibited requests from firewalls while ensuring the destination

mitmproxy/mitmproxy

43,943View on GitHub

Mitmproxy is an interactive, programmable network proxy engine designed for traffic analysis and protocol manipulation. It functions as a gateway that intercepts, inspects, and modifies network traffic in real-time, supporting HTTP, HTTPS, WebSocket, DNS, and generic TCP or UDP streams. By acting as a trusted certificate authority, the proxy can dynamically generate and sign certificates to decrypt and analyze secure TLS-encrypted connections. The project distinguishes itself through a highly extensible, event-driven architecture that allows users to automate traffic transformation using cust

shadowsocks/shadowsocks-rust

10,729View on GitHub

A Rust port of shadowsocks

p4gefau1ttrojan-go

Features

Open-source alternatives to Trojan Go

shadowsocks/shadowsocks-rust

daeuniverse/dae

bol-van/zapret

mitmproxy/mitmproxy

Star history

Open-source alternatives to Trojan Go

shadowsocks/shadowsocks-rust

daeuniverse/dae

bol-van/zapret

mitmproxy/mitmproxy