Multi-user anti-filtering panel, with an effortless installation and supporting more than 20 protocols to circumvent filtering plus the telegram proxy.
Please add simple search box for finding specific proxy name
AmnesiaWG
AmneziaWG operates within the framework of backward compatibility. The AmneziaWG implementation allows for the modification of certain static parameters in WireGuard, which are typically recognized by DPI systems. If these parameters are left at their default values (set to 0), the protocol functions like regular WireGuard.
In AmneziaWG, the headers of all packets are modified: the handshake packet (Initiator to Responder), the response packet (Responder to Initiator), the data packet, and a special "Under Load" packet — these are randomized values, but they can be changed in the settings. Because each user has different headers, it's virtually impossible to devise a universal rule based on headers alone to detect and block the protocol.
Another weak point of WireGuard is the size of authentication packets. In AmneziaWG, random bytes are appended to each auth packet to alter their size. Thus, the handshake packets additionally contain "garbage" at the beginning of the data, the size of which is determined by the values S1 and S2. By default, the initiating handshake packet has a fixed size (148 bytes), and after adding garbage, its size will be 148 bytes + S1.
The AmneziaWG implementation includes another trick for more reliable masking. Before starting a session, Amnezia sends a certain number of "junk" packets to thoroughly confuse DPI systems. The number of such packets and their minimum and maximum sizes in bytes are also set in the settings, with parameters Jc, Jmin, and Jmax.
OpenVPN over Cloak
In the OpenVPN over Cloak combination, the Cloak plugin is responsible for traffic masking. It can alter packet metadata in a way that completely disguises VPN traffic as regular web traffic and protects the VPN from detection using Active Probing methods. This makes it highly resistant to detection and blocking. Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website, making your VPN invisible to traffic analysis systems.
XRay Reality
XRay Reality's operation is based on the same principles as Cloak - masking the VPN as web traffic and applying protection against active probing. Its operation revolves around distinguishing the client from the censor during the TLS handshake. If the client ("friendly") is recognized, the server acts as a proxy; if the censor ("unfriendly") is identified, the TLS connection is redirected to a completely genuine TLS-enabled host that isn't subject to blocking. Thus, a censor attempting active probing to determine what lies on the other end will receive a genuine TLS certificate from the website and real data from the server.
litoosh13
commented
2 weeks ago
Hello; Please add Following Features Hiddify
Please add simple search box for finding specific proxy name
AmnesiaWG
AmneziaWG operates within the framework of backward compatibility. The AmneziaWG implementation allows for the modification of certain static parameters in WireGuard, which are typically recognized by DPI systems. If these parameters are left at their default values (set to 0), the protocol functions like regular WireGuard.
In AmneziaWG, the headers of all packets are modified: the handshake packet (Initiator to Responder), the response packet (Responder to Initiator), the data packet, and a special "Under Load" packet — these are randomized values, but they can be changed in the settings. Because each user has different headers, it's virtually impossible to devise a universal rule based on headers alone to detect and block the protocol.
Another weak point of WireGuard is the size of authentication packets. In AmneziaWG, random bytes are appended to each auth packet to alter their size. Thus, the handshake packets additionally contain "garbage" at the beginning of the data, the size of which is determined by the values S1 and S2. By default, the initiating handshake packet has a fixed size (148 bytes), and after adding garbage, its size will be 148 bytes + S1.
The AmneziaWG implementation includes another trick for more reliable masking. Before starting a session, Amnezia sends a certain number of "junk" packets to thoroughly confuse DPI systems. The number of such packets and their minimum and maximum sizes in bytes are also set in the settings, with parameters Jc, Jmin, and Jmax.
OpenVPN over Cloak
In the OpenVPN over Cloak combination, the Cloak plugin is responsible for traffic masking. It can alter packet metadata in a way that completely disguises VPN traffic as regular web traffic and protects the VPN from detection using Active Probing methods. This makes it highly resistant to detection and blocking. Immediately after receiving the first data packet, Cloak authenticates the incoming connection. If authentication fails, the plugin masks the server as a fake website, making your VPN invisible to traffic analysis systems.
XRay Reality
XRay Reality's operation is based on the same principles as Cloak - masking the VPN as web traffic and applying protection against active probing. Its operation revolves around distinguishing the client from the censor during the TLS handshake. If the client ("friendly") is recognized, the server acts as a proxy; if the censor ("unfriendly") is identified, the TLS connection is redirected to a completely genuine TLS-enabled host that isn't subject to blocking. Thus, a censor attempting active probing to determine what lies on the other end will receive a genuine TLS certificate from the website and real data from the server.
Juicity Mieru
Naive Quantumult Tor Socks 4/5 Server Thanks