SpoofDPI: a simple tool for neutralizing Deep Packet Inspection
GitHub RepoImpressions852
View on GitHub
@githubprojectsPost Author

SpoofDPI: A Simple Tool to Bypass Deep Packet Inspection Like a Pro

If you've ever run into a situation where your internet provider or a network admin is throttling or blocking traffic based on what protocol you're using (like HTTP, HTTPS, or even SSH), you've probably felt the sting of Deep Packet Inspection (DPI). DPI is the technology that allows networks to look inside your data packets and decide what to do with them — block them, slow them down, or just log them.

Enter SpoofDPI — a tiny, no-fuss tool that tricks DPI into letting your traffic through. It's not a VPN, it's not a proxy in the traditional sense. It's something simpler and cleverer.

What It Does

SpoofDPI works by sending a "spoofed" initial request to the server you're trying to reach, making it look smaller or different to DPI systems. The key idea: most DPI systems only analyze the very first packet or two of a connection. SpoofDPI sends a tiny, incomplete first request that the DPI either ignores or misidentifies, and then immediately follows up with the real request. The result? Your traffic goes through without being shaped, throttled, or blocked.

Under the hood, it intercepts traffic at the application layer (like a local proxy) and uses a technique called "tcp segmentation" to split the initial payload in a way that fools the inspection engine. No encryption, no tunnels — just a smarter way to send the same data.

Why It’s Cool

  • No overhead. Unlike a VPN, you don't lose speed or add latency because you're not routing through another server. SpoofDPI runs locally and only modifies how your machine sends the first few bytes.
  • Works for HTTP and HTTPS. It handles both, which covers most of what a developer or power user needs.
  • Single binary, no dependencies. Download, run, done. It's written in Go, so you get a self-contained executable.
  • Transparent. It sits between your browser and the network, but you don't need to configure anything else. Just set your proxy to localhost on the port it runs.

Real-world use cases:

  • Getting around a college or office firewall that blocks certain websites.
  • Accessing developer documentation or package registries (like npm, PyPI, or Docker Hub) that are throttled in your region.
  • Testing your own network's DPI setups (if you're into network security).

How to Try It

You can grab the latest release from the GitHub repo:

https://github.com/xvzc/SpoofDPI

There are pre-built binaries for Linux, macOS, and Windows. Just download the one for your OS, make it executable (if needed), and run it:

# On Linux/macOS
chmod +x ./spoof-dpi
./spoof-dpi

# It will start a local proxy on port 8080 by default

Then set your system proxy or browser proxy to 127.0.0.1:8080. That's it. No config files, no certificates to install.

For more advanced usage (like changing the port or running in verbose mode), check the README on the repo.

Final Thoughts

SpoofDPI is one of those tools that's so simple it almost feels like cheating. It doesn't hide your traffic with encryption, it doesn't route through another country — it just sends your packets in a way that the DPI machine doesn't know what to do with. That's elegant.

If you're a developer dealing with network restrictions at work, school, or while traveling, this is worth keeping in your toolbox. It's not a full privacy solution, but for bypassing traffic shaping and content blocking, it's hard to beat.

Give it a spin, and maybe contribute a PR if you spot something interesting. The codebase is small and readable — perfect for tinkering.

Brought to you by @githubprojects

Repository: https://github.com/xvzc/SpoofDPI

Back to Projects
Last updated: June 15, 2026 at 05:07 AM