Expand description
Nooshdaroo: Protocol Shape-Shifting SOCKS Proxy
Nooshdaroo provides dynamic protocol emulation and shape-shifting capabilities, allowing encrypted SOCKS proxy traffic to masquerade as any of 100+ defined network protocols to bypass deep packet inspection and censorship.
§Features
- Multiple Proxy Types: SOCKS5, HTTP CONNECT, Transparent proxy
- Socat-like Relay: Bidirectional traffic relay between endpoints
- Mobile-Friendly: iOS/Android FFI bindings for native integration
- Protocol Shape-Shifting: 5 strategies for dynamic protocol emulation
- Traffic Shaping: Timing and size emulation of target protocols
- 100+ Protocols: Pre-defined protocol signatures (HTTPS, SSH, DNS, etc.)
§Quick Start
§As a Library
use nooshdaroo::{NooshdarooConfig, NooshdarooClient};
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
let config = NooshdarooConfig::default();
let client = NooshdarooClient::new(config)?;
// Get current protocol
let protocol = client.current_protocol().await;
println!("Current protocol: {}", protocol.as_str());
// Manually rotate
client.rotate().await?;
Ok(())
}§As a Command-Line Tool
# Run as client
nooshdaroo client --bind 127.0.0.1:1080 --server example.com:8443
# Run as server
nooshdaroo server --bind 0.0.0.0:8443
# Run as relay (socat mode)
nooshdaroo relay --listen 127.0.0.1:8080 --target example.com:443§Architecture
┌─────────────┐ ┌──────────────┐ ┌──────────────┐
│ Client │────▶│ Nooshdaroo │────▶│ Server │
│ Application │ │ Client │ │ Endpoint │
└─────────────┘ └──────────────┘ └──────────────┘
│
│ Shape-Shifting
▼
┌──────────────┐
│ Protocol │
│ Library │
└──────────────┘Re-exports§
pub use dns_udp_tunnel::DnsUdpTunnelServer;pub use dns_udp_tunnel::DnsUdpTunnelClient;pub use dns_udp_tunnel::DnsUdpTunnelClientPipelined;pub use app_profiles::ApplicationEmulator;pub use app_profiles::ApplicationProfile;pub use app_profiles::AppCategory;pub use bandwidth::AdaptiveRateLimiter;pub use bandwidth::BandwidthController;pub use bandwidth::NetworkMetrics;pub use bandwidth::NetworkMonitor;pub use bandwidth::QualityProfile;pub use bandwidth::QualityTier;pub use config::NooshdarooConfig;pub use config::ShapeShiftConfig;pub use config::TrafficShapingConfig;pub use config::TransportType;pub use config::ServerConfig;pub use library::ProtocolLibrary;pub use mobile::MobileConfigBuilder;pub use mobile::NooshdarooMobileConfig;pub use noise_transport::generate_keypair as generate_noise_keypair;pub use noise_transport::NoiseConfig;pub use noise_transport::NoiseKeypair;pub use noise_transport::NoisePattern;pub use noise_transport::NoiseTransport;pub use protocol::DetectionScore;pub use protocol::ProtocolId;pub use protocol::ProtocolMeta;pub use protocol::Transport;pub use protocol_wrapper::ProtocolWrapper;pub use protocol_wrapper::WrapperRole;pub use proxy::HttpProxyServer;pub use proxy::ProxyType;pub use proxy::UnifiedProxyListener;pub use psf::PsfInterpreter;pub use psf::ProtocolFrame;pub use shapeshift::ShapeShiftController;pub use socat::Bidirectional;pub use socat::ClientToServer;pub use socat::RelayMode;pub use socat::ServerToClient;pub use socat::SocatBuilder;pub use socat::SocatRelay;pub use strategy::ShapeShiftStrategy;pub use strategy::StrategyType;pub use transport::DatagramTransport;pub use transport::StreamTransport;pub use transport::TransportConfig;pub use transport::TransportSemantics;pub use transport::TransportType as TransportLayerType;pub use socks_udp::UdpSocksHeader;pub use socks_udp::UdpSocksServer;pub use udp_proxy::SimpleUdpForwarder;pub use udp_proxy::UdpProxyServer;pub use multiport_server::MultiPortServer;pub use netflow_evasion::PathTester;pub use netflow_evasion::MultiPortConfig;
Modules§
- app_
profiles - Application-specific traffic profiles for realistic traffic emulation
- bandwidth
- Adaptive bandwidth optimization and quality management
- config
- Nooshdaroo configuration
- dns_
transport - DNS UDP Tunnel Transport
- dns_
tunnel - dns_
udp_ tunnel - embedded_
keys - Embedded server public keys for production deployments
- json_
logger - Structured JSON logging for jq parsing
- library
- Protocol library manager
- mobile
- Mobile device support (iOS and Android FFI)
- multiport_
server - Multi-port server that listens on protocol-appropriate ports
- netflow_
evasion - Netflow analysis evasion through multi-port and protocol mixing
- noise_
transport - Noise Protocol encrypted transport for client-server communication
- nquic
- profiles
- Preset profiles for different network environments
- protocol
- Protocol metadata and definitions
- protocol_
wrapper - Protocol wrapping layer for obfuscating Noise encrypted traffic
- proxy
- Multi-protocol proxy servers (HTTP, SOCKS, Transparent)
- psf
- PSF (Protocol Shape Format) Interpreter
- reliable_
transport - KCP Reliability Layer for Unreliable Transports
- shapeshift
- Shape-shifting controller
- socat
- Socat-like bidirectional relay functionality
- socks5
- socks_
udp - UDP SOCKS5 Implementation (RFC 1928 Section 7)
- strategy
- Shape-shifting strategies
- tls_
record_ layer - TLS 1.3 Record Layer Emulation
- traceroute
- Network path tracing and hop discovery
- traffic
- Traffic shaping and timing emulation
- transport
- Transport Abstraction Layer
- transports
- Transport Implementations
- udp_
proxy
Macros§
- jlog_
debug - Macros for convenient JSON logging
- jlog_
error - jlog_
info - jlog_
warn
Structs§
- Nooshdaroo
Client - Nooshdaroo client instance for managing shape-shifted connections
- Nooshdaroo
Server - Nooshdaroo server instance for receiving shape-shifted connections
- Protocol
Stats - Protocol usage statistics
Enums§
- Nooshdaroo
Error - Nooshdaroo error types