Domain-fronted HTTP/SOCKS5 proxy tunneling traffic through Google Apps Script with MITM TLS interception, HTTP/1-2 multiplexing, and DPI evasion.
AI Analysis
MasterHttpRelayVPN is a local HTTP/SOCKS5 proxy that routes traffic through Google Apps Script using domain fronting and MITM TLS interception to evade network filtering and DPI detection. It is specialized for circumventing censorship and geographic restrictions, targeting users in restrictive network environments who need to bypass filtering infrastructure—not a general-purpose proxy tool.
Inferred from signals mentioned in the README (tests, CI, type safety) — not a review of the actual code.
AI's overall editorial judgment — not an average of the bars above, can weigh other factors too.
Google Apps Script-based HTTP proxy with domain fronting and MITM TLS interception for circumventing network filters
MasterHttpRelayVPN is a local Python proxy that tunnels traffic through Google Apps Script using domain fronting and MITM TLS techniques to bypass network filters and DPI. Built primarily for users in censored or restricted networks, it routes browser traffic through a free Google relay with optional exit nodes (Cloudflare Workers or VPS) for sites blocking Google IPs. Adoption appears concentrated in Iran and similar regions with heavy internet filtering.
Created April 2026, MasterHttpRelayVPN is a recent entry in the domain-fronting proxy ecosystem. It appears derived from or related to the author's earlier MasterDnsVPN project (6,617 stars), which uses similar techniques for DNS filtering circumvention. The project leverages established domain-fronting patterns used in tools like Modlishka and mirrors broader resistance-tool development.
Rapid initial growth: 3,895 stars and 451 forks in ~10 weeks (as of June 2026), with 15 stars gained in the final 7 days before analysis date. Growth trajectory suggests viral adoption within specific geographic regions with heavy filtering (primarily Farsi-speaking communities, evidenced by README translations and Telegram channels). Slower growth rate (15/week) in final week may indicate plateau or seasonal variation.
Adoption not formally verified through documented case studies or enterprise deployments. Indirect signals include: (1) 3,895 stars and 451 forks suggest meaningful grassroots use; (2) active Telegram community (referenced in README); (3) rapid feature updates (YouTube bypass noted as recent fix); (4) Docker support and comprehensive documentation (GETTING_STARTED, ARCHITECTURE, TROUBLESHOOTING guides) imply real user base. However, no public references to institutional adoption, bug reports from production, or quantified user numbers are evident.
Based on README: local HTTP/SOCKS5 proxy written in Python that intercepts browser traffic via MITM TLS decryption. Routes traffic through a Google Apps Script relay (deployed by user to Google's infrastructure) that fronts as legitimate Google traffic. Optionally chains through exit nodes (Cloudflare Workers or user-operated VPS) for sites blocking Google egress IPs. Supports HTTP/1 and HTTP/2 multiplexing. Architecture appears to be: Browser → Local proxy (MITM CA) → Google Apps Script relay (domain front) → [Optional exit node] → Target. README does not document internals beyond this—code-level implementation quality cannot be assessed from provided materials.
Not documented in README. No mention of test suites, CI/CD pipelines, or quality assurance practices.
Last push 2026-06-09 (24 days before analysis date 2026-07-03). Project is actively maintained. README references 'Special Thanks to Abolix for maintaining it,' suggesting shared maintainership. Rapid bug fixes and YouTube bypass updates noted in README suggest responsive development. However, project is only ~10 weeks old; long-term maintenance patterns cannot yet be assessed.
ADOPT IF: you are in a heavily-filtered region (Iran, China, Russia, similar), operate personal use only, understand MITM TLS risks, and want a free proxy requiring only a Google account with no VPS cost. AVOID IF: you require high confidentiality (MITM CA sees plaintext TLS), need enterprise support, operate in jurisdictions where circumvention tools violate law, or want a mature/widely-audited codebase (project is 10 weeks old). MONITOR IF: you are tracking domain-fronting techniques, evaluating circumvention tool adoption in restricted regions, or concerned about Apps Script abuse for relay infrastructure.
Independent dimensions
Mainstream potential
2/10
Technical importance
6/10
Adoption evidence
4/10
- Steep MITM trust model: local proxy decrypts all HTTPS traffic via user-installed CA certificate; if proxy is compromised, all traffic is exposed. README acknowledges this but mitigations are limited.
- Apps Script quota and abuse potential: free Google Apps Script tier has unknown limits; large-scale deployment could trigger abuse detection or service suspension, degrading service for all users sharing that relay.
- Legal and terms-of-service liability: domain fronting and MITM interception may violate Google's terms, local laws in some jurisdictions, or exit-site policies; user bears full responsibility per README.
- Nascent project maturity: 10-week-old codebase with limited production track record. Critical bugs, security issues, or architectural flaws may not yet be discovered. Active maintenance is ongoing but cannot yet be proven long-term.
- Geographic/temporal fragility: bypass techniques are inherently adversarial; network filters and DPI evasion cat-and-mouse dynamics mean this tool's effectiveness will degrade over time as censors adapt. No indication of rapid response capability at scale.
MasterHttpRelayVPN will likely remain specialized circumvention tooling for restricted-region users, with adoption concentrated in Iran, China, and similar markets. Mainstream adoption outside censored regions is unlikely due to MITM trust model, legal liability, and availability of simpler alternatives (commercial VPNs). Project will either plateau at 5k–10k stars as a niche tool, or face service disruption if Google clamps down on Apps Script relay abuse. Maintenance will depend heavily on author/Abolix's sustained commitment; community-driven development has not yet materialized (low fork-to-star ratio ~0.12).
Newsletter
Get analyses like this every Monday
Free weekly digest of the most interesting open-source discoveries.
Languages
Information
- Website
- https://t.me/masterdnsvpn
- Language
- Python
- License
- MIT
- Last updated
- 1mo ago
- Created
- 3mo ago
- Analyzed with
- anthropic/claude-haiku-4-5
Stars over time
Contributors over time
Top 100 contributors only — repos with more will plateau at 100.
Open issues
No open issues — clean slate.
Top contributors
Recent releases
No releases published yet.
Similar repos
therealaleph/MasterHttpRelayVPN-RUST
mhrv-rs is a Rust-based DPI/SNI bypass tool that uses a free Google Apps Script...
masterking32/MasterDnsVPN
MasterDnsVPN is a DNS tunneling VPN written in Go that encapsulates TCP traffic...
patterniha/MITM-DomainFronting
MITM-DomainFronting is a censorship circumvention tool that intercepts...
| Repository | Stars | Week Δ | Language | Score | Updated |
|---|---|---|---|---|---|
|
|
3.9k | +17 | Python | 6/10 | 1mo ago |
|
|
3.4k | — | Rust | 7/10 | 1mo ago |
|
|
6.7k | — | Go | 7/10 | 4d ago |
|
|
4.4k | — | Python | 7/10 | 2mo ago |
|
|
2.7k | — | Batchfile | 5/10 | 1mo ago |
|
|
44.2k | — | Python | 8/10 | 1w ago |
Mature, widely-used MITM proxy (44k stars). General-purpose for any MITM use case; does not bundle domain fronting or Apps Script integration. MasterHttpRelayVPN is purpose-built for circumvention and simpler to deploy for that specific use case, but far narrower in scope.
Established Go-based phishing/domain-fronting proxy (5,345 stars). Predates MasterHttpRelayVPN and focuses on credential capture; MasterHttpRelayVPN is transport-layer circumvention. Different threat models; not direct replacements.
Author's earlier project (6,617 stars) using domain fronting for DNS filtering bypass. MasterHttpRelayVPN is HTTP/SOCKS5 transport variant. Both leverage Apps Script; MasterHttpRelayVPN adds TLS MITM. MasterDnsVPN has larger install base, suggesting MasterHttpRelayVPN is newer specialized offshoot.
Similar proxy tool (4,380 stars) in Python; specific GitHub comparison data absent. Likely competing in same circumvention niche. Marginally smaller star count and less recent activity (not confirmed from metadata provided) may indicate MasterHttpRelayVPN gaining traction.
Established VPN/proxy protocols and projects for circumvention. Use different technical approaches (encrypted proxies rather than domain fronting + MITM). MasterHttpRelayVPN is complementary rather than competitive; leverages Google infrastructure rather than user-operated exit nodes.