DPIBreak

[!IMPORTANT]

Please make sure your usage complies with applicable laws and regulations. This software is provided "AS IS", WITHOUT ANY WARRANTY, to the extent permitted by applicable law; see COPYING (GPLv3 §§15–17).

Simple and efficient tool for circumventing Deep Packet Inspection (DPI) on HTTPS connections. It fragments the TCP packet carrying the TLS ClientHello so that certain DPI devices cannot extract the Server Name Indication (SNI) field and identify the destination site.

It only applies to the packets carrying TLS ClientHello; Other traffic is not even queued to userspace and passes through the kernel normally, unmodified. So, it is fast and does not affect core performance (e.g., video streaming speed) users may be concerned about.

Features

fake

Enable fake ClientHello packet injection before sending each packet fragmented. (See --fake section on dpibreak(1) for more information.)

Quickstart

Windows

1. Download and unzip the release from https://github.com/dilluti0n/dpibreak/releases/latest.
2. Double-click dpibreak.exe or start_fake.bat to use fake. (See WINDOWS_GUIDE.txt for more information.)

Linux

1. Download release tarball from https://github.com/dilluti0n/dpibreak/releases/latest.
2. Extract and install:

tar -xf DPIBreak-X.Y.Z-x86_64-unknown-linux-musl.tar.gz
cd DPIBreak-X.Y.Z-x86_64-unknown-linux-musl
sudo make install

3. To run:

sudo dpibreak
sudo dpibreak --fake --fake-ttl 8
dpibreak --help
man 1 dpibreak # manual

4. To uninstall:

sudo make uninstall

Linux with Cargo (crates.io)

Install Rust toolchain from https://www.rust-lang.org/learn/get-started.

cargo install dpibreak

• Requirements: libnetfilter_queue development files (e.g., libnetfilter-queue-dev on Ubuntu/Debian).

• Note: Since cargo installs to user directory, sudo might not see it. Use full path or link it:

# Option 1: Run with full path
sudo ~/.cargo/bin/dpibreak

# Option 2: Symlink to system bin (Recommended)
sudo ln -s ~/.cargo/bin/dpibreak /usr/bin/dpibreak
sudo dpibreak

How to use

Simply running the program should work without any issues. It requires administrator privileges to run:

• On Linux, you must run it with root privileges (e.g., sudo dpibreak).
• On Windows, double-clicking dpibreak.exe or start_fake.bat will automatically prompt for administrator permission. After it starts, a console window will open. You must keep this window open while using the program.

To stop using the program, press Ctrl+C or close the window; it will exit without leaving any global state behind. For more detailed information, please refer to dpibreak(1).

Reporting issues

See dpibreak(1)#BUGS. Report bugs at https://github.com/dilluti0n/dpibreak/issues.

To build

1. Install Rust toolchain from https://www.rust-lang.org/learn/get-started.
2. Clone this repo.

git clone https://github.com/dilluti0n/dpibreak.git

3. (Windows) Download WinDivert-2.2.2 and unzip it to the project root. Make sure WinDivert.dll and WinDivert64.sys are located in .../dpibreak/WinDivert-2.2.2-A/x64.
4. Build it.

cargo build --release

5. The binary will be available at ./target/release/dpibreak(.exe).
6. (Windows) Make sure WinDivert.dll and WinDivert64.sys are in the same folder as dpibreak.exe. (Copy them from WinDivert-2.2.2-A/x64)

To produce release zip/tarball

Release builds and deployments are automated via GitHub Actions. See release.yml for details.

• Windows:
  1. Download WinDivert:

  Invoke-WebRequest -Uri "https://reqrypt.org/download/WinDivert-2.2.2-A.zip" -OutFile WinDivert.zip
  Expand-Archive -Path WinDivert.zip -DestinationPath .\
  Remove-Item .\WinDivert.zip
  

  2. .\build.ps1 zipball
• Linux: make tarball

Release zip/tarball should be ready on directory dist.

Built with

DPIBreak is built upon these frameworks:

• Netfilter-queue - The user-space packet queuing system for Linux.
• WinDivert - A user-mode packet interception library for Windows.

Thanks

DPIBreak's creation was inspired by these great free software:

• GoodByeDPI by ValdikSS: For its design which shaped the project's UX.

For introducing the circumvention idea:

• SpoofDPI by xzvc
• zapret by bol-van

See more

Alternative tools:

• Green Tunnel by SadeghHayeri (for MacOS, Linux and Windows)
• DPI Tunnel CLI by zhenyolka (for Linux and routers)
• DPI Tunnel for Android by zhenyolka (for Android)
• PowerTunnel by krlvm (for Windows, MacOS and Linux)
• PowerTunnel for Android by krlvm (for Android)
• GhosTCP by macronut (for Windows)
• ByeDPI for Linux/Windows
• ByeDPIAndroid for Android (no root)
• ByeByeDPI for Android
• youtubeUnblock by Waujito (for OpenWRT/Entware routers and Linux)
• NoDPI for Windows and Linux

Useful links:

• https://geneva.cs.umd.edu/papers/geneva_ccs19.pdf
• https://github.com/bol-van/zapret/blob/master/docs/readme.en.md
• https://deepwiki.com/bol-van/zapret/3-dpi-circumvention-techniques
• https://www.ias.edu/security/deep-packet-inspection-dead-and-heres-why
• https://www.cloudflare.com/learning/ssl/what-happens-in-a-tls-handshake/

Notice

Copyright 2025-2026 Dilluti0n.

Licensed under GPL-3.0-or-later.