Developing a tool to circumvent censorship? See below for resources to test your approach against

CoPilot

CoPilot

CoPilot is a wireless hotspot that provides an easy to use web interface for simulating custom censorship environments. CoPilot comes pre-loaded with DNS censorship plugins that allow targeted DNS Blocking and Redirection,ß∑ and “Intrusion Prevention” plugin which allows for wide-ranging censorship simulation using censorship “rules” from standard Intrusion prevention and detection systems, as well as rules generated by Adversary Lab

CoPilot is built around a plugin system that allows developers to easily add new censorship and surveillance functionality, and supports “playing card deck” sized embedded hardware platforms that allow CoPilot to be built for under $100 USD.](http://openinternet.github.io/copilot/developer/2016/01/08/supported-devices.html)

Adversary Lab

From the Adversary Lab readme:

“Adversary Lab is a service that analyzes captured network traffic to extract statistical properties. Using this analysis, filtering rules can be synthesized to block sampled traffic.

The purpose of Adversary Lab is to give researchers and developers studying network filtering a way to understand how easy it is to block different protocols. If you have an application that uses a custom protocol, Adversary Lab will demonstrate how a rule can be synthesized to systematically block all traffic using that protocol. Similarly, if you have a network filtering circumvention tool, then Adversary Lab can synthesize a rule to block your tool. This analysis can also be used to study tools that specifically attempt to defeat networking filtering, such as Pluggable Transports.

Adversary Lab analysis works by training a classifier on two observed data sets, the “allow” set and the “block” set. For instance, a simulated adversary could allow HTTP, but block HTTPS. By training the system with HTTP and HTTPS data, it will generate a rule that distinguishes these two classes of traffic based on properties observed in the traffic.”

Additional Resources

  • Suricata is an open source Intrusion Detection system with DPI capabilities
  • ClearOS is a complete operating system and web interface which can function inside a VM to provide DPI capabilities
  • Wireshark Wireshark provides powerful network analysis to investigate what your traffic looks like. See also Ettercap