Analysis updated 2026-07-03
Scan an IP range in CIDR notation to find TLS servers compatible with the Reality protocol cover destination requirements.
Export TLS scan results including domain, certificate issuer, and country code to a CSV file for offline analysis.
Point the scanner at a URL listing many domains and batch-scan all of them for TLS handshake details in parallel.
| xtls/realitlscanner | looplj/axonhub | aws/copilot-cli | |
|---|---|---|---|
| Stars | 3,733 | 3,733 | 3,738 |
| Language | Go | Go | Go |
| Setup difficulty | easy | moderate | moderate |
| Complexity | 2/5 | 3/5 | 3/5 |
| Audience | developer | developer | ops devops |
Figures from each repo's GitHub metadata at analysis time.
RealiTLScanner is a command-line tool written in Go that scans TLS servers. TLS is the encryption protocol behind HTTPS connections. The scanner is designed to work alongside the Reality protocol, a feature in the XTLS/Xray project, and helps users find servers that are suitable to use as cover destinations for that protocol. You give the tool a target, such as an IP address, a range of IP addresses in CIDR notation, or a domain name, and it connects to each one on port 443 (or a port you specify), checks the TLS handshake, and records details like the TLS version used, the domain name from the certificate, and who issued the certificate. Results are printed to the terminal and saved to a CSV file. You can also point the tool at a URL listing many domains, and it will crawl that page to collect targets before scanning them. Options include setting the number of parallel scan threads (default is one), adjusting the connection timeout per target (default is ten seconds), and enabling verbose output to see both successful and failed connections. If you place a MaxMind GeoLite2 country database file in the same directory, the tool will also add a country code to each result. The README includes a sample of terminal output showing the IP address, connected domain, and certificate issuer for each successful connection, and a sample CSV showing those same fields with a geo code column added. The project is built and run locally with a single Go build command. A Docker option is also provided for users who do not want to install Go on their machine. The README recommends running the scanner on a local machine rather than a cloud server, because cloud IP addresses may be blocked or flagged by the servers being scanned.
A command-line tool that scans TLS servers across IP ranges or domain lists, recording certificate details to help identify suitable cover destinations for the Reality privacy protocol.
Mainly Go. The stack also includes Go, Docker, MaxMind GeoLite2.
No license information is provided in the explanation.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.