explaingit

rezakhosh78/rkh-sni-spoofing

19PythonAudience · ops devopsComplexity · 2/5Setup · easy

TLDR

A command-line scanner that checks a list of domains to find which ones work for SNI spoofing, a technique used to reach blocked websites by disguising your connection's destination.

Mindmap

mindmap
  root((repo))
    What it does
      Scans domains for SNI
      Checks VPS IP match
      Flags usable domains
    Versions
      Bash lightweight
      Python multithreaded
    Outputs
      success.txt
      fail.txt
      result.json
    Use Cases
      Censorship bypass
      Large domain scanning
      VPS routing check
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Scan hundreds of domains against your VPS to find which ones are suitable for bypassing internet censorship via SNI spoofing.

USE CASE 2

Use the Python multithreaded version to quickly process large domain lists and save results to success.txt, fail.txt, and result.json.

USE CASE 3

Identify Cloudflare data-center codes and countries for each successful SNI-spoofing domain using the JSON output.

Tech stack

PythonBash

Getting it running

Difficulty · easy Time to first run · 5min

Requires a VPS IP and a text file of domains, no external Python libraries needed beyond the standard library.

In plain English

RKh-SNI-Spoof Scanner is a tool that checks whether a list of domain names is suitable for SNI spoofing. SNI (Server Name Indication) is a part of how HTTPS connections are established: it tells the server which domain a client wants to reach before the encrypted session begins. SNI spoofing exploits this by making a connection appear to target one domain while actually routing traffic through another, a technique used in some censorship-circumvention setups to reach blocked services. The tool takes a list of domains and a VPS (virtual private server) IP address that you control. For each domain, it checks whether the IP returned by the connection matches your VPS IP. If it matches, the domain is marked as a success for spoofing use, if not, it is marked as failed. The README is written in Farsi and the context suggests this is aimed at users in regions with restricted internet access. There are two versions. The Bash version is lightweight, requires no installed dependencies, and reads a domains.txt file. The Python version adds multi-threading for speed, automatic retries, input sanitization, and saves results in three files: success.txt, fail.txt, and a result.json that includes the domain, IP, Cloudflare data-center code, and country for each successful entry. Both versions run from the command line. You enter your VPS IP and a timeout value, then the scanner works through the domain list and prints results as it goes. The Python version is described as better suited for large-scale scans. No external Python libraries are required beyond the standard Python 3 installation.

Copy-paste prompts

Prompt 1
I have a file called domains.txt and a VPS IP address. Show me how to run rkh-sni-spoofing in Python mode to scan all domains and save the results.
Prompt 2
How do I use rkh-sni-spoofing to find domains that route through my VPS for SNI spoofing? Walk me through setting the timeout and reading the output files.
Prompt 3
Using rkh-sni-spoofing's result.json, write a Python script to filter successful domains by Cloudflare country code so I can pick the best candidates.
Prompt 4
How do I run the Bash version of rkh-sni-spoofing with a custom domains.txt file when I don't have Python available?
Open on GitHub → Explain another repo

← rezakhosh78 on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.