Skip to content
/ pipecrypt Public

🔑you had me at ClientHello; testbed for SNI header DPI filtering and real-time communications network attacks

License

MIT license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ntblk/pipecrypt

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
copy_buffer.go
copy_buffer.go
 
 
listener.go
listener.go
 
 
sni_proxy.go
sni_proxy.go
 
 
tls_clienthello.go
tls_clienthello.go
 
 

Repository files navigation

pipecrypt: the SNI pass-through proxy

pipecrypt is a simple TCP proxy that filters and forwards encrypted traffic following the TLS SNI handshake, replaying the ClientHello and establishing a secure channel between two endpoints which may be unable or unwilling to otherwise establish direct communications with each other.

This module is a intended as a testbed for research around decentralization and inspired by the transport layer in the Fabio load balancing HTTPS and TCP router.

Synopsis

There are compelling privacy benefits associated with self-hosting services and storage of personal data. However, exposing home networks IP addresses can introduce risk.

SNI-brokered TLS forwarding offers a simple means to maintain end-to-end security, establishing a direct HTTPS connection between the user agent and home server, via an intermediate server that has no means to decrypt or access the content of the communication.

This package is maintained as part of the the NetBlocks.org network observation framework.

Installation

go build

About

🔑you had me at ClientHello; testbed for SNI header DPI filtering and real-time communications network attacks

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

5 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages