explaingit

zmn-hamid/sni-spoofing-scanner

16GoAudience · developerComplexity · 3/5LicenseSetup · moderate

TLDR

A Go tool that scans a list of proxy configurations to find which ones work with SNI spoofing, a technique for bypassing network censorship filters.

Mindmap

mindmap
  root((sni-spoofing-scanner))
    What it does
      Tests proxy configs
      Finds working SNI spoofs
      Outputs passing configs
    How it works
      Reads trojan/vless configs
      Uses Xray proxy core
      Works with companion tool
    Setup
      Download companion tool
      Add proxy configs file
      Configure address/port
    Tech stack
      Go
      Xray core
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Automatically test a batch of proxy configurations to identify which ones successfully bypass censorship using SNI spoofing.

USE CASE 2

Build a workflow to keep a curated list of working circumvention proxies updated by re-scanning periodically.

Tech stack

GoXray

Getting it running

Difficulty · moderate Time to first run · 30min

Requires the separate SNI-Spoofing companion tool to be running before the scanner can test any configs.

MIT license, use freely for any purpose, including commercial use, as long as you keep the copyright notice.

In plain English

This tool scans a list of proxy configurations to find which ones work with a censorship-circumvention technique called SNI spoofing. SNI stands for Server Name Indication, a piece of information sent at the start of a TLS connection that identifies which website a client wants to reach. Some network filtering systems use SNI to block or monitor connections, and SNI spoofing is a method of substituting a different, allowed domain name in that field so the connection is not blocked. The scanner takes a text file containing proxy configs in two formats, trojan and vless, and tests each one to see whether it functions when routed through an SNI spoofing layer. It works alongside a separate companion program called SNI-Spoofing, which must be running first. For each config in the input file, the scanner rewrites the connection target to use the spoofed address, tests it a configurable number of times using the Xray network proxy core, and records the configs that pass into a separate output file. Setup involves downloading the companion SNI-Spoofing tool, copying a sample configuration file, adding your proxy configs to a text file (one per line), and then running the scanner. The configuration file lets you adjust the address and port to match what the companion tool is using, and the number of test pings per config. The project is written in Go, can be built from source using standard Go commands, and is released under the MIT License. A Persian-language version of the README is also included.

Copy-paste prompts

Prompt 1
I have a text file of trojan and vless proxy configs. Using sni-spoofing-scanner, how do I scan them to find which ones work with SNI spoofing? Show me the setup steps and the command to run.
Prompt 2
How do I configure sni-spoofing-scanner's config file to point to my running SNI-Spoofing companion tool's address and port?
Prompt 3
How do I build sni-spoofing-scanner from source using Go, and what Go version do I need?
Prompt 4
How do I adjust the number of test pings per proxy config in sni-spoofing-scanner to make scanning faster or more reliable?
Open on GitHub → Explain another repo

← zmn-hamid on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.