This is a small Go program that acts as a plugin for Shadowsocks, an open-source proxy tool. Shadowsocks has a plugin specification called SIP003 that lets you wrap its encrypted traffic in another protocol so that on-the-wire inspection sees something else. This plugin wraps Shadowsocks traffic inside HTTP/2 frames, so to a passive observer the connection looks like ordinary HTTP/2 web traffic instead of a custom proxy protocol. The author is very direct that this is only an example project tied to a blog post (linked in the description) and writes in bold DO NOT use it in real world use cases. So the README's job is to show the technique, not to ship a production tool. Usage is two command lines, one for the server and one for the client. Both run the normal Shadowsocks binaries (ssserver and sslocal) with a --plugin argument pointing at the compiled http2-obfuscator binary, plus plugin options like mode, host, and path. The mode option flips the plugin between client (default) and server. The host and path values control the HTTP/2 :authority and :path pseudo-headers that the wrapped traffic carries, which is what makes the bytes look like a real HTTP/2 request to a chosen hostname. A How It Works section walks through the flow. Shadowsocks starts the plugin and passes connection details via environment variables. The client side takes the encrypted Shadowsocks payload and wraps it in HTTP/2 HEADERS plus DATA frames. The server side reverses that and forwards the unwrapped traffic to ss-server. The README notes the on-wire shape: HTTP/2 connection preface, a SETTINGS frame, HEADERS with method POST, then DATA frames. The Built With section is unusually candid: the project was generated by opencode, a command-line AI coding agent, using a model called deepseek-v4-flash-free, over roughly a 2.5 hour session with around 380k to 420k tokens. It depends on golang.org/x/net/http2 for the actual HTTP/2 framing and HPACK header encoding, and an integration test script runs it end-to-end against shadowsocks-rust.
Generated 2026-05-21 · Model: sonnet-4-6 · Verify against the repo before relying on details.