PechenyeRU

PechenyeRU / FakeSNI

Public

A fake SNI injector for linux, written in pure golang

46
16
69% credibility
Found Apr 14, 2026 at 46 stars -- GitGems finds repos before they trend. Get early access to the next one.
Sign Up Free
AI Analysis
Go
AI Summary

FakeSNI is a Linux TCP proxy that injects a fake server name into TLS handshakes to evade deep packet inspection systems while forwarding real connections.

How It Works

1
💡 Discover FakeSNI

You hear about a handy tool that helps get around internet roadblocks by pretending to visit different websites.

2
📥 Get it ready

Download the program to your Linux computer and make sure it's prepared to run.

3
✏️ Pick your options

Choose a listening spot on your computer, the real website you want, and a fake name to show instead.

4
🚀 Start the helper

Run it with full computer permissions, and it quietly sets up to watch and adjust your connections.

5
🔄 Route your traffic

Tell your browser or app to send internet requests through the local helper address.

🌐 Access everything freely

Now you can visit blocked sites smoothly, as the roadblocks see the fake name and let real traffic pass.

Sign up to see the full architecture

4 more

Sign Up Free

Star Growth

See how this repo grew from 46 to 46 stars Sign Up Free
Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose
AI-Generated Review

What is FakeSNI?

FakeSNI is a Linux TCP proxy written in pure Go that spoofs TLS SNI to bypass deep packet inspection (DPI). Clients connect to its listen port, which forwards traffic to a real upstream server while injecting a fake ClientHello packet with a decoy hostname right after the TCP handshake—tricking DPI into seeing harmless traffic without disrupting the real connection. Configure it via a simple JSON file specifying listen address, upstream IP/port, and fake SNI, then run with sudo for root-privileged packet handling.

Why is it gaining traction?

It stands out as a lightweight Go rewrite of a Python SNI-spoofing tool, delivering low-latency proxying without eBPF overhead or Windows-only dependencies. Developers grab it for its automatic iptables rules, conntrack tweaks, and handshake timeouts that just work out of the box, making DPI evasion reliable on standard Linux distros. The config-driven setup lets you chain it behind any TCP client or proxy seamlessly.

Who should use this?

Network engineers building custom proxies in censored regions, VPN devs needing per-connection SNI obfuscation, or sysadmins routing traffic through DPI-heavy ISPs. It's for folks proxying HTTPS to blocked domains like auth.vercel.com, where real SNI would trigger blocks.

Verdict

Try it if you need quick Linux SNI spoofing—docs are thorough, build is a one-liner with Go 1.22+, and it cleans up iptables on exit. With only 46 stars and a 0.699999988079071% credibility score, it's early-stage from a solo maintainer; test thoroughly before production.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.