Suggestions on DPI-spoofing #1

@someone2037492034

Hi. Thanks for creating this guide. I think it may help users a bit more if it had info on 'DPI-spoofing'.
See here: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40064
Also here: https://gitlab.torproject.org/tpo/anti-censorship/censorship-analysis/-/issues/40050

So the first one is about (public) WebTunnel bridges getting blocked in Russia: the hostnames/domains of the bridges get added to an 'SNI' filter to block, but that can be bypassed using DPI-spoofing tools like:
https://github.com/romanvht/ByeByeDPI/ (uses ByeDPI, but implements it in a GUI for Android, the only good DPI-spoofing app for Android),
GoodbyeDPI for Windows: https://github.com/ValdikSS/GoodbyeDPI,
zapret for all platforms but Android:
https://github.com/bol-van/zapret (default settings via easy_install.sh work for WebTunnel),
PowerTunnel, a GUI (works well on PC, not on Android):
https://github.com/krlvm/PowerTunnel (you can configure HTTPS chunking there, it should be set to split position 1 and full chunking, you can also add some HTTP tricks, and configure DoH), and
byedpi:
https://github.com/hufrea/byedpi

zapret and byedpi are the most advanced; they use tricks to fool the SNI-detection filter and allow you to access the free web. I can't speak for other countries like China, though.

About obfs4: it gets blocked (by protocol) on mobile networks, but if you set a byedpi split argument "--split 1" (or you can try any other split number if it stops working, like 0.7, 2.5, etc.), then it works again (but public obfs4 bridges get blocked by IP, so you should find ones that aren't blocked. It's easier to do that via the Android app InviZible Pro; there you can ping-test all obfs4 bridges, for instance, and see if they're blocked by IP).
It'd be cool if info on the DPI-spoofing techniques for Tor access, for example, were added. (Also, the Tor Project should add an option in lyrebird that allows you to securely spoof the SNI of a bridge, but that's not yet implemented and not all bridges will support that. These tools help already, and I hope will help later on, too.)
Thanks.
