browsertunnel
Surreptitiously exfiltrate data from the browser over DNS (by veggiedefender)
choir
Go library for privacy-preserving error reporting using DNS (by Jigsaw-Code)
browsertunnel | choir | |
---|---|---|
5 | 2 | |
406 | 31 | |
- | - | |
2.6 | 0.0 | |
almost 4 years ago | almost 4 years ago | |
Go | Go | |
MIT License | Apache License 2.0 |
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
browsertunnel
Posts with mentions or reviews of browsertunnel.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-04-01.
- Browsertunnel – Surreptitiously exfiltrate data from the browser over DNS
-
Werte Mitarbeiter*innen, prüft niemals die Sicherheit eurer Passwörter in einem Onlinecheck. Eure EDV
Ah, hab was gefunden: https://github.com/veggiedefender/browsertunnel
- veggiedefender/browsertunnel - Surreptitiously exfiltrate data from the browser over DNS
-
Exfiltrate Files Using the DNS
This is also possible to do over the browser (just one-way communication, unfortunately) using dns-prefetch tags:
https://github.com/veggiedefender/browsertunnel
choir
Posts with mentions or reviews of choir.
We have used some of these posts to build our list of alternatives
and similar projects. The last one was on 2021-08-18.
-
HTML over DNS: Serving Blog Content over DNS
Corollary is, spyware can use DNS to exfiltrate data [0]. Or, you could also send out client side metrics with cleverly drafted DNS requests [1]. And, posted here many times on HN, DNS as a cookie replacement [2].
[0] https://unit42.paloaltonetworks.com/dns-tunneling-how-dns-ca...
[1] https://github.com/Jigsaw-Code/choir
[2] http://dnscookie.com/
-
Exfiltrate Files Using the DNS
For a variation of this technique see this handy golang differential-privacy metrics collection library that uses DNS: https://github.com/Jigsaw-Code/choir
Currently used by the Jigsaw group at Google to collect metrics from behind censoring ISPs.
What are some alternatives?
When comparing browsertunnel and choir you can also consider the following projects:
iodine - Official git repo for iodine dns tunnel
gost - GO Simple Tunnel - a simple tunnel written in golang
nps - 一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.