Skip to content

ban6cat6/protean

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

767 Commits
.github/workflows
.github/workflows
 
 
dicttls
dicttls
 
 
docs
docs
 
 
examples
examples
 
 
fipsonly
fipsonly
 
 
hmqv
hmqv
 
 
internal
internal
 
 
testdata
testdata
 
 
testenv
testenv
 
 
tests
tests
 
 
.travis.yml
.travis.yml
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
CONTRIBUTORS_GUIDE.md
CONTRIBUTORS_GUIDE.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
alert.go
alert.go
 
 
auth.go
auth.go
 
 
auth_test.go
auth_test.go
 
 
cache.go
cache.go
 
 
cache_test.go
cache_test.go
 
 
cipher_suites.go
cipher_suites.go
 
 
common.go
common.go
 
 
common_string.go
common_string.go
 
 
conn.go
conn.go
 
 
conn_test.go
conn_test.go
 
 
defaults.go
defaults.go
 
 
ech.go
ech.go
 
 
ech_test.go
ech_test.go
 
 
example_test.go
example_test.go
 
 
generate_cert.go
generate_cert.go
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
handshake_client.go
handshake_client.go
 
 
handshake_client_test.go
handshake_client_test.go
 
 
handshake_client_tls13.go
handshake_client_tls13.go
 
 
handshake_messages.go
handshake_messages.go
 
 
handshake_messages_test.go
handshake_messages_test.go
 
 
handshake_server.go
handshake_server.go
 
 
handshake_server_test.go
handshake_server_test.go
 
 
handshake_server_tls13.go
handshake_server_tls13.go
 
 
handshake_test.go
handshake_test.go
 
 
handshake_unix_test.go
handshake_unix_test.go
 
 
key_agreement.go
key_agreement.go
 
 
key_schedule.go
key_schedule.go
 
 
key_schedule_test.go
key_schedule_test.go
 
 
link_test.go
link_test.go
 
 
logo.png
logo.png
 
 
logo_small.png
logo_small.png
 
 
prf.go
prf.go
 
 
prf_test.go
prf_test.go
 
 
protean.go
protean.go
 
 
protean_client.go
protean_client.go
 
 
protean_fp_concealment.go
protean_fp_concealment.go
 
 
protean_key_schedule.go
protean_key_schedule.go
 
 
protean_server.go
protean_server.go
 
 
protean_server_tls13.go
protean_server_tls13.go
 
 
protean_test.go
protean_test.go
 
 
protean_utils.go
protean_utils.go
 
 
quic.go
quic.go
 
 
quic_test.go
quic_test.go
 
 
ticket.go
ticket.go
 
 
ticket_test.go
ticket_test.go
 
 
tls.go
tls.go
 
 
tls_test.go
tls_test.go
 
 
u_alias.go
u_alias.go
 
 
u_clienthello_json.go
u_clienthello_json.go
 
 
u_clienthello_json_test.go
u_clienthello_json_test.go
 
 
u_common.go
u_common.go
 
 
u_common_test.go
u_common_test.go
 
 
u_conn.go
u_conn.go
 
 
u_conn_test.go
u_conn_test.go
 
 
u_ech.go
u_ech.go
 
 
u_ech_test.go
u_ech_test.go
 
 
u_fingerprinter.go
u_fingerprinter.go
 
 
u_fingerprinter_test.go
u_fingerprinter_test.go
 
 
u_handshake_client.go
u_handshake_client.go
 
 
u_handshake_messages.go
u_handshake_messages.go
 
 
u_hpke.go
u_hpke.go
 
 
u_key_schedule.go
u_key_schedule.go
 
 
u_parrots.go
u_parrots.go
 
 
u_pre_shared_key.go
u_pre_shared_key.go
 
 
u_prng.go
u_prng.go
 
 
u_public.go
u_public.go
 
 
u_quic.go
u_quic.go
 
 
u_quic_transport_parameters.go
u_quic_transport_parameters.go
 
 
u_quic_transport_parameters_test.go
u_quic_transport_parameters_test.go
 
 
u_roller.go
u_roller.go
 
 
u_session_controller.go
u_session_controller.go
 
 
u_session_ticket.go
u_session_ticket.go
 
 
u_tls_extensions.go
u_tls_extensions.go
 
 

Repository files navigation

Protean (Charm)

Protean is a fork of the uTLS library, designed to provide a robust and extensible framework for creating an indistinguishable TLS simulator.

Features

  • Cryptographically Sound: Employs an HMQV-based Authenticated Key Exchange (AKE) protocol to ensure secure key exchange with identity protection and weak Perfect Forward Secrecy (wPFS).
  • Extensibility: Supports flexible extensions for QUIC, HTTP fingerprint and post-handshake messages simulation, leveraging the TLS connection towards the minic target.
  • Protocol Compatibility: Supports TLS 1.3 and TLS 1.2.
  • Resistant to Aparecium Attack: Designed to be resilient against known interative active probing.

Usage

Check the compatibility tests

How it works

Protean actively exposes client's ephemeral private keys during the handshake process by a secure means, allowing the server to authenticate the client and perform a delegated handshake towards the target server. By this mean, the server could acquire any necessary server fingerprints as it required, like performing an MITM attack. The implementation is detailed in the protocol specification

About

A modern, secure TLS camouflage library

Topics

tls obfuscation censorship-circumvention anti-censorship ake

Resources

Readme

License

BSD-3-Clause license

Contributing

Contributing

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages