0xJerry

How I Made a Transparent Tor Proxy with Dead Man's Switch

🧅 What is TorForge?

I just released TorForge, an advanced transparent Tor proxy that routes ALL your system traffic through Tor with a single command. No browser extensions, no app configuration - everything just works.

Why I Built This

Existing solutions had problems:

  • Tor Browser: Only protects one browser
  • Torsocks: Per-application, easy to forget
  • Whonix: Requires VM overhead

TorForge operates at the kernel level using iptables, so traffic is captured system-wide rather than per application.


🔥 Key Features

Core Functionality

Feature | Description
Transparent Proxy | Routes all TCP/DNS through Tor automatically
Kill Switch | Default DROP policy - no leaks possible
IPv6 Blocking | Complete leak protection
Auto-Rotation | Change exit IP every N minutes
Multi-Circuit | 8+ concurrent circuits for speed

Advanced Security

Feature | Description
Post-Quantum Encryption | CRYSTALS-Kyber768 (NIST Level 3)
Steganography Mode | Traffic looks like Netflix/YouTube streaming
Decoy Traffic | Injects fake requests to frustrate analysis
Dead Man's Switch | Panic key for instant emergency shutdown

AI-Powered

Feature | Description
Smart Circuit Selection | AI learns optimal exit nodes based on performance
Split-Tunnel Learning | Automatic routing decisions based on app behavior
Split-Tunnel Learning Automatic routing decisions based on app behavior

🚀 Quick Start

Install

git clone https://github.com/jery0843/torforge.git
cd torforge
make build
sudo make install

Basic Usage

# Start with default settings
sudo torforge tor -n 8

# Check status
sudo torforge status

# Stop
sudo torforge stop

Maximum Security Mode

sudo torforge tor \
  --post-quantum \
  --rotate-circuit 5 \
  --decoy-traffic 30 \
  --stego \
  --panic-key F12 \
  -n 8

📺 What It Looks Like

🧅 TorForge Active
   🔐 Post-Quantum: CRYSTALS-Kyber768 ACTIVE
   📊 NIST Level: 3 | Key ID: a1b2c3d4e5f6
   🎭 Decoy Traffic: 30% active
   🚨 Panic Key: F12 (press in terminal)
   🔄 Auto-Rotate: every 5 minutes
   Exit IP:  185.220.101.15
   Circuits: 8

   Press Ctrl+C to stop

🛡️ Security Architecture

┌──────────────────────────────────────────┐
│ Your Application                         │
└────────────────┬─────────────────────────┘
                 ▼
┌──────────────────────────────────────────┐
│ iptables NAT                             │
│ → Redirect TCP to Tor TransPort          │
│ → Redirect DNS to Tor DNS                │
└────────────────┬─────────────────────────┘
                 ▼
┌──────────────────────────────────────────┐
│ iptables FILTER                          │
│ → Block ICMP (ping)                      │
│ → Block UDP (except Tor DNS)             │
│ → Block IPv6                             │
│ → DEFAULT DROP (kill switch)             │
└────────────────┬─────────────────────────┘
                 ▼
┌──────────────────────────────────────────┐
│ Tor Network                              │
│ Guard → Middle → Exit → Destination      │
└──────────────────────────────────────────┘

Nothing escapes.
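
One way to check these controls against a loaded ruleset, as an added example (not TorForge's own code): the function below audits `iptables-save` and `ip6tables-save` text for the NAT redirects, the DROP policy and the IPv6 block shown in the diagram. The ports 9040 (TransPort) and 5353 (DNSPort), the function names and the finding names are assumptions, and the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example: audit saved rulesets for the controls in the diagram above.
# Assumed ports (not stated on the page): Tor TransPort 9040, DNSPort 5353.
TRANS_PORT=9040
DNS_PORT=5353

# table_rules SAVE_TEXT TABLE: print the lines of one table ("nat", "filter").
table_rules() {
    printf '%s\n' "$1" |
        awk -v t="*$2" '$0 == t { on = 1; next } $0 == "COMMIT" { on = 0 } on'
}

# has RULES REGEX: true if any line of RULES matches the extended regex.
has() { printf '%s\n' "$1" | grep -Eq -e "$2"; }

# audit_ruleset V4_SAVE V6_SAVE: print the gaps found; return 0 only if none.
audit_ruleset() {
    nat=$(table_rules "$1" nat)
    flt=$(table_rules "$1" filter)
    flt6=$(table_rules "$2" filter)
    out=""
    has "$nat" "^-A OUTPUT .*-p tcp .*-j REDIRECT --to-ports $TRANS_PORT\$" ||
        out="$out NO_TCP_REDIRECT"
    has "$nat" "^-A OUTPUT .*-p udp .*--dport 53 .*-j REDIRECT --to-ports $DNS_PORT\$" ||
        out="$out NO_DNS_REDIRECT"
    has "$flt" '^:OUTPUT DROP' || out="$out V4_POLICY_NOT_DROP"
    # A match-all ACCEPT rule means the DROP policy is never reached.
    has "$flt" '^-A OUTPUT -j ACCEPT$' && out="$out V4_CATCH_ALL_ACCEPT"
    has "$flt" '^-A OUTPUT .*-p icmp .*-j ACCEPT' && out="$out ICMP_ALLOWED"
    # No ip6tables rules at all leaves the kernel default policy, ACCEPT.
    has "$flt6" '^:OUTPUT DROP' || out="$out V6_POLICY_NOT_DROP"
    out=${out# }
    echo "${out:-OK}"
    [ -z "$out" ]
}

# Constructed sample: DROP policy present, but DNS is not redirected, a
# catch-all ACCEPT follows the loopback rule, and no IPv6 rules are loaded.
SAMPLE_V4='*nat
-A OUTPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
COMMIT
*filter
:OUTPUT DROP [0:0]
-A OUTPUT -d 127.0.0.1/32 -j ACCEPT
-A OUTPUT -j ACCEPT
COMMIT'
audit_ruleset "$SAMPLE_V4" "" || true
```

On a live system, call it as `audit_ruleset "$(sudo iptables-save)" "$(sudo ip6tables-save)"`; any output other than OK names a control from the diagram that is not in effect.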


🔐 Post-Quantum Encryption

TorForge uses CRYSTALS-Kyber768 from Cloudflare's CIRCL library:

  • NIST Level 3 security (192-bit quantum resistant)
  • AES-256-GCM for symmetric encryption
  • New keys generated every session
  • Protects against future quantum computers

🚨 Dead Man's Switch

When you press the panic key (e.g., F12):

  1. Immediately flushes all iptables rules
  2. Kills all network connections
  3. Terminates Tor process
  4. Clears browser caches
  5. Wipes RAM caches
  6. Deletes shell history
  7. Exits cleanly

Total time: < 2 seconds


📊 Tech Stack

  • Language: Go 1.21+
  • Encryption: CRYSTALS-Kyber768 (Cloudflare CIRCL)
  • Network: iptables, netfilter
  • Lines of Code: 10,000+
  • Packages: 10 internal modules

🛠️ All Command Flags

sudo torforge tor --help

Flags:
  --circuits, -n      Number of circuits (default: 4)
  --post-quantum      Enable Kyber768 encryption
  --rotate-circuit    Auto-rotate every N minutes
  --decoy-traffic     Generate N% fake traffic
  --stego             Steganography mode
  --panic-key         Dead man's switch key
  --auto-bridge       Auto-discover bridges
  --exit-nodes, -e    Preferred exit countries
  --bypass, -b        Bypass patterns

📈 What's Next?

  • [ ] GUI dashboard (Electron/Wails)
  • [ ] macOS support
  • [ ] Android companion app
  • [ ] Traffic visualization
  • [ ] More pluggable transports

🔗 Links

GitHub: github.com/jery0843/torforge


💬 Feedback Welcome!

I'd love to hear your thoughts:

  • What features would you want to see?
  • Any security concerns?
  • Suggestions for improvement?

Drop a comment below or open an issue on GitHub!
