X-Tunnel

Tor HTTP/HTTPS Proxy Forwarder (Research Edition)

X-Tunnel — Research Grade Tor Forward Proxy

X-Tunnel is a research-oriented HTTP/HTTPS forward proxy that routes client traffic through the Tor network using a SOCKS interface. It exposes a standard HTTP proxy endpoint while preserving end-to-end TLS integrity for HTTPS connections.

X-Tunnel is intended for privacy research, networking experimentation, and educational use in environments where Tor usage is lawful and permitted.


Features

[+] HTTP forwarding over Tor
[+] HTTPS CONNECT tunneling (TLS preserved end-to-end)
[+] Remote DNS resolution inside Tor (socks5h)
[+] Staged IP blocking (soft / hard)
[+] Persistent blacklist storage
[+] Live blacklist reload
[+] CLI unblock control
[+] Metadata-only logging
[+] No TLS interception
[+] No certificate modification

Requirements

Python 3.9+
Tor daemon with SOCKS port enabled

Example Tor configuration:

SOCKSPort 9050

Installation

pip install requests pysocks

Place the following files in the same directory:

proxy.py
blacklist.txt
blocked.html

Running X-Tunnel

python3 proxy.py
python3 proxy.py --listen 127.0.0.1 --port 8081
python3 proxy.py --soft-block 3 --hard-block 6

Command Line Arguments

ArgumentDescriptionDefault
--listenIP address to bind0.0.0.0
--portTCP port8081
--soft-blockSoft block threshold3
--hard-blockHard block threshold6
--unblockRemove blacklist entry

Unblock examples

python3 proxy.py --unblock 1.2.3.4
python3 proxy.py --unblock 10.0.0.0/24
python3 proxy.py --unblock example.com
python3 proxy.py --unblock all

Blocking Model

Stage       Behavior
Normal      Full access
Soft Block  New requests denied
Hard Block  New requests denied and tunnels evicted

Failure counters reset on successful requests.


Client Configuration

HTTP proxy:  127.0.0.1:8081
HTTPS proxy: 127.0.0.1:8081

Logging

Timestamp
Client IP
Target
Result
Bytes transferred
Duration

No payload data is logged.


Security Model

AspectBehavior
TLSPreserved end-to-end
CertificatesNever modified
PayloadNever inspected
DNSResolved inside Tor
AuthenticationNot implemented

X-Tunnel does not act as a MITM proxy.


Known Limitations

- IP-based identity only
- No authentication
- No rate limiting
- No traffic shaping
- No content inspection
- No anonymity guarantee beyond Tor itself

Legal and Ethical Use

- Where Tor usage is lawful
- With user consent
- In compliance with hosting provider policy
- For legitimate research or educational purposes

The operator is responsible for lawful deployment.


Project Philosophy

Transparency
Minimal interference
Research clarity
Ethical operation
User trust

Support

Donations
Sponsorship
Testing
Documentation improvements
Code contributions

License

MIT License — see LICENSE file.

Disclaimer

X-Tunnel is provided "as is" without warranty.
The authors assume no liability for misuse.

X-Tunnel — A research-grade Tor HTTP/HTTPS proxy forwarder.