Open Source BSD Tunneling Software - Page 3

OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single TCP/UDP port. Discussion forums and project wiki can be found here: https://forums.openvpn.net/ http://community.openvpn.net/openvpn

PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was only accessible from the compromised machine. If the compromised host is behind a Firewall / NAT and isn't directly accessible from our pentest machine, Then we can run pivotsuite as a server on pentest machine and pivotsuite as a client on the compromised machine for creating a reverse tunnel (Reverse Connection). Using this we can reach different subnet hosts from our pentest machine, which was only accessible from the compromised machine.

Portr is an open-source, self-hosted tunneling platform for exposing local HTTP, TCP, or WebSocket services to the public internet. It uses SSH remote port forwarding under the hood, which gives it a familiar and secure transport foundation. The project is designed for teams that need an ngrok-like workflow while keeping control of their own infrastructure. It includes both server and client components, along with a dashboard-oriented experience for managing tunnel usage. Portr can help developers test webhooks, share local applications, expose APIs, or temporarily publish development services without deploying them permanently. Its main purpose is to provide a practical self-hosted tunnel service that balances developer convenience with infrastructure ownership.

Forwading of Ports (aka Proxy, Tunneling), Traffic shape (i.e. limit Bandwidth), Statistics about forwarded traffic, etc. Portty provides a GUI to interact and customize the tasks.

Rapid Tunneling is a set of scripts using ssh -R that provides a VPN-like functionality with an easy-to-use command-line and web interface.

Shadowsocks-Nodejs is a Node.js implementation of the Shadowsocks proxy protocol, providing server and client components that let users create an encrypted proxy tunnel to bypass network filtering and protect traffic in transit. The project reimplements the lightweight, stream-oriented Shadowsocks protocol in JavaScript so operators can run servers and clients using Node.js environments rather than native binaries or Python ports. It exposes typical Shadowsocks features such as configurable ciphers, listening ports, and worker process models that let operators tune performance for their deployment. Historically, the Node.js port has been used when convenience or platform compatibility mattered, though some maintainers and users note that performance and memory characteristics differ from other implementations. The codebase includes CLI helpers and configuration parsing so it can be run as a service or embedded in other Node.js tooling.

Shoshone is a simple Java HTTP Client, an alternative to the standard URLConnection. Features: fetching webpages including Cookies, download files, post data, upload files via Multipart/Form Data, chunked mode, redirects, SSL, HTTP proxies

Sing-box is a shell-script-based deployment project for setting up multi-protocol sing-box proxy environments across different hosting platforms and VPS scenarios. It is built around quick, automated installation rather than manual configuration, making it useful for users who want a bundled setup process. The project supports several proxy protocols, including VLESS Reality, VMess over WebSocket and TLS, Hysteria2, and Tuic. It also includes optional Nezha monitoring integration, which can help users observe node status from a monitoring panel. The scripts reference support for platforms such as Serv00, CT8, Hostuno, VPS environments, and Alpine-based systems. Overall, it functions as an automation toolkit for deploying and managing sing-box-based proxy nodes with multiple protocol options.

A so called "attack proxy", Snark allows a user to monitor and edit HTTP requests and responses. Snark can be configured to act as a web proxy, or in a tunnel mode which allows for proxy chaining, or use with other tools.

Tunnel communication through a SOCKS proxy. With SSH and PPP, this provides a more efficient VPN than using httptunnel. This can also be used for running applications such as SETI@Home through SOCKS. Visit http://www.securitybulletins.com/ for more info.

Daemon to tunnel IPX traffic from one local-area-network to another over Internet Protocol wide-area-networks, such as the internet.

VJDBC (Virtual JDBC) is a JDBC type 3 driver which provides efficient tunneling of JDBC commands/results over different communication protocols (RMI, HTTP, HTTPS ...).

In just one clic (no setup) this Java Applet based solution allows you to run VNC Server / VNC Viewer through an HTTP AES encrypted tunnel. As it is full HTTP, there is no proxy or firewall setup needed.

WebTTY is a terminal-sharing tool that lets a user share an interactive shell session over WebRTC. It is useful for pair programming, collaborative debugging, remote help, or accessing systems behind NAT without setting up a traditional proxy server. The project includes a command-line workflow and an in-browser client, so a session can be joined through a static web page when needed. It supports custom commands, allowing users to share a shell, a tmux session, or another terminal-based process. The tool also includes non-interactive and one-way connection options for specialized workflows such as attaching to a build server session. webtty is experimental but practical, combining Go, WebRTC, and browser-based terminal access into a lightweight collaboration tool.

Webtunnel is an HTTP tunnel with some unique features: it runs in the context of a web server; it uses simple requests/responses for proxy traversal; and it is multi-threaded to allow many parallel connections to many destinations simultaneously.

THIS IS NOT WHONIX'S HOMEPAGE. Please go to: https://www.whonix.org/ (This is only Whonix's sourceforge must-have project page.) Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. Whonix consists of two parts: One solely runs Tor and acts as a gateway, which we call Whonix-Gateway. The other, which we call Whonix-Workstation, is on a completely isolated network. Only connections through Tor are possible. Whonix is produced independently of, and carries no guarantee from, The Tor Project. For download: https://www.whonix.org/wiki/Download

Wiretap is a transparent, VPN-like proxy server that tunnels traffic through WireGuard. It is designed to proxy traffic without requiring special privileges to run, which makes it different from many traditional VPN tools that depend on privileged network interface setup. The project focuses on transparent routing, allowing client traffic to move through WireGuard-based paths toward the intended destination. Its documentation describes an end-to-end encryption model where packets are forwarded through Wiretap nodes until they reach the intended server, which then sends traffic to the real network destination. Wiretap is useful for research, security labs, and controlled environments where users want WireGuard-style tunneling with proxy-like behavior. It is best understood as a specialized networking tool rather than a general consumer VPN client.

Multipurpose http tunnel which runs through any firewall or proxy. It uses CONNECT method but also BOSH-like method which makes run it on any proxy (even http 1.0).

mod_tunnel is a simple Apache 1.3.x module that can be used to create TCP tunnels using your web server. It comes handy to expose services which can be reached through a proxy, bypassing firewalls.

sshvpn is a shell script based tool which uses openssh vpn tunneling feature to connect two private networks or attach a host to the remote private network securely over the internet.

Piko is an open-source reverse proxy and tunneling system designed as a self-hostable alternative to ngrok. It lets upstream services open outbound-only connections to Piko, then routes incoming traffic back through those established tunnels. This design is useful for services that are private, behind NAT, firewalled, or otherwise not publicly routable. Piko is built for production-oriented hosting rather than only short-lived development demos. It supports a server and agent model, with the agent running near the upstream service and forwarding traffic from named endpoints to local ports. The project also includes Kubernetes-oriented deployment guidance, clustering behavior, and a single binary that can run in both server and agent modes.

pppit allows one to tunnel through a firewall which only allows proxy telnet, such as SWAN. It is a modified, special-purpose ppp daemon.

Proxpy is a TCP proxy and debugging tool. It runs on Windows, Linux, Unix and any other system that supports java. Uses are for debugging TCP communications, tunneling over SSL, converting SSL to non-SSL, forwarding traffic.

phc -- proxy hunter customed -- for validation of free SOCKS 4/5 or HTTP proxies. It is highly customed. Current first release 1.0 validate http proxies from a file with CONNECT or GET method bypass a basic auth http tunnel. Delay is recorded, too.

sshh allows you to make a persistent tcp connection (tunnel) over an http proxy. Once you have it set up, you can make new connections from either end. Similar in concept to httptunnel but more versatile and scalable.