stpavel/tspu-probe

★ 16JavaAudience · ops devopsComplexity · 2/5Setup · easy

Mindmap

mindmap
  root((repo))
    What It Does
      VPN block diagnosis
      Layer-by-layer testing
      Domain name sweep
    Test Steps
      Ping check
      TCP connection test
      TLS without SNI
      TLS with SNI
    Tech Stack
      Java
      Android SDK
    Output
      Plain diagnosis text
      Recommended action
      Best domain suggestion
    Audience
      VPN users
      Network operators

mindmap root((repo)) What It Does VPN block diagnosis Layer-by-layer testing Domain name sweep Test Steps Ping check TCP connection test TLS without SNI TLS with SNI Tech Stack Java Android SDK Output Plain diagnosis text Recommended action Best domain suggestion Audience VPN users Network operators

Click or tap to explore — scroll the page freely

Things people build with this

USE CASE 1

Enter a VPN server address and run the diagnostic to find out whether TCP, TLS, or SNI filtering is blocking your connection.

USE CASE 2

Use the sweep feature to test a list of domain names and identify which ones reach your VPN server without being blocked.

USE CASE 3

Get a plain-language diagnosis telling you exactly what to change, whether port, server IP, or domain name, to restore your VPN connection.

Tech stack

JavaAndroid SDK

Getting it running

Difficulty · easy Time to first run · 5min

Android 7.0 or newer required, all documentation is written in Russian.

In plain English

TSPU Probe is a native Android app, written in Russian-language documentation, that diagnoses why a VPN connection is failing on a particular network. VPN connections can be blocked at different layers of the network stack, and standard tools like ping cannot always tell you which layer is responsible. This app steps through each layer in sequence and reports exactly where the connection breaks down. You enter a server IP address, port, and SNI (the domain name the VPN client sends when establishing a connection), and the app runs a series of tests. First it checks basic connectivity with a ping. Then it tries a raw TCP connection to see if the port is even reachable. After that it attempts a TLS handshake without specifying any domain name, then again with your specific domain. By comparing whether TLS works with and without a domain name, it can detect whether the blocking is at the TLS level or specifically triggered by a particular domain name, which is called SNI filtering. A sweep feature runs through a list of domain names and tests each one with a short pause between tests to avoid triggering scan-detection systems. It shows which domains reach your server and which get blocked or time out, then recommends the best one to use based on connection latency. At the end, the app gives a plain diagnosis: TCP is blocked and you should change ports, TLS is entirely blocked and you should change your server IP, SNI filtering is active and it recommends a working domain, or the network is clean and the problem is likely in your client configuration. The README is written in Russian. The app requires Android 7.0 or newer and does not need root access. It uses only standard Java and the Android SDK with no third-party networking libraries.

Copy-paste prompts

Prompt 1

I'm using TSPU Probe and the TCP test passes but TLS without SNI fails. What does that mean about how my connection is blocked and what should I change?

Prompt 2

How do I use the sweep feature in TSPU Probe to test 20 different domain names and identify which one is not blocked by my ISP?

Prompt 3

TSPU Probe says SNI filtering is active and recommends a specific domain. How do I configure that recommended domain in my VPN client?

Prompt 4

Explain what SNI filtering is and how TSPU Probe detects it by comparing TLS connection results with and without a domain name specified.

Open on GitHub → Explain another repo

← stpavel on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.