ospab
f779404e0f
New CLI client for Linux with TUN interface support: - Interactive setup wizard with profile management - Connect/disconnect commands with root privilege check - Status monitoring (interface stats, traffic counters) - Test connection (handshake verification) - Profile management (add/remove/set-default) - Anti-VM detection (production mode only) - Stealth mode (TLS mimicry, geo-SNI selection) Features: - Static musl binary (2.0 MB) - universal Linux - Config storage: ~/.config/ostp/profiles.json - TUN interface: ostp0 (10.X.Y.Z) - Security: libc::geteuid() root check, ostp-guard integration - Error handling: graceful disconnect on Ctrl+C Commands: - ostp-client-linux setup # Interactive wizard - ostp-client-linux connect --profile default - ostp-client-linux connect --server 1.2.3.4:443 --psk HEX - ostp-client-linux status # Show connection info - ostp-client-linux disconnect # Kill running client - ostp-client-linux profiles list # List saved profiles - ostp-client-linux test --server X --psk Y Distribution updates: - Added ostp-client-linux (2.0 MB) to linux-x64 package - Updated SHA256SUMS with all 3 binaries - Updated README.md with client installation guide - Rebuilt ostp-server-linux-x64.tar.gz (6.86 MB total) Note: TUN interface and traffic relay are TODO (placeholders)
OSTP — Ospab Stealth Transport Protocol
Secure, Private, Undetectable
OSTP is a next-generation VPN protocol engineered for privacy-conscious users operating in restrictive network environments. Built from the ground up to resist Deep Packet Inspection (DPI), active probing, and traffic analysis, OSTP provides secure tunnel connectivity that appears indistinguishable from legitimate HTTPS traffic.
🎯 Core Features
- 🔒 Military-Grade Encryption — ChaCha20-Poly1305 AEAD cipher with ephemeral X25519 key exchange
- 👻 Stealth by Design — TLS mimicry with geo-aware SNI selection to blend with regional traffic patterns
- 🛡️ Silent Authentication — Pre-shared key validation that never reveals port state or protocol presence
- ⚡ High Performance — UDP-over-TCP framing with adaptive padding for optimal throughput
- 🌐 Cross-Platform — Native binaries for Windows (client) and Linux (server)
- 📊 Integrated Billing — Built-in session management with quota tracking and SQLite persistence
🚀 Quick Start
Server Deployment (Linux)
# Generate pre-shared key
ostp-server gen-key
# Start server with PSK
ostp-server -l 0.0.0.0:8443 -p <hex-encoded-psk>
# Or use configuration file
ostp-server -c /etc/ostp/server.json
Client Connection (Windows)
# Interactive setup wizard
ostp-client setup
# Connect to server
ostp-client connect -s 1.2.3.4:8443 -p <hex-encoded-psk> -c RU
# Manage profiles
ostp-client profiles
🏗️ Architecture
OSTP consists of multiple specialized components:
| Component | Purpose |
|---|---|
| ostp | Core transport layer with encryption, handshake protocol, and TLS mimicry |
| oncp | Control plane for session management, user registry, and billing |
| osn | Network layer abstraction for TUN device management and routing |
| osds | Stealth DNS forwarder with anti-hijack detection |
| ostp-guard | Anti-reverse engineering protection suite (proprietary) |
All components work together to provide a robust, stealth VPN solution that evades detection while maintaining high performance and security standards.
🔐 Security Model
OSTP employs multiple layers of security:
- Silent Handshake — Invalid authentication attempts receive no response, preventing protocol fingerprinting
- Zero Fingerprints — All TLS fields are randomly generated to match legitimate HTTPS traffic
- Perfect Forward Secrecy — Ephemeral key exchange ensures session keys are never reused
- Encrypted Metadata — Even packet lengths and timing are obfuscated through adaptive padding
- Anti-Analysis Protection — Runtime protection against debugging, VM detection, and reverse engineering (release builds only)
📋 Requirements
Server (Linux)
- Linux kernel 3.10+ (tested on Ubuntu 22.04+, Debian 11+)
- 512 MB RAM minimum
- Ports: TCP 443 or 8443 (configurable)
- Persistent storage for user database
Client (Windows)
- Windows 10/11 (64-bit)
- Administrator privileges for TUN device creation
- .NET Framework not required (statically linked)
🛠️ Build from Source
# Clone repository (private access required)
git clone https://github.com/ospab/ospab.network.git
cd ospab.network
# Build all components
cargo build --workspace --release
# Binaries will be in target/release/
# - ostp-server.exe (Linux server)
# - ostp-client.exe (Windows client)
Note: This is a proprietary project. Source code access requires authorization. See LICENSE for details.
📚 Documentation
- Server Configuration Guide
- Client Setup Guide
- Protocol Specification (private)
- Security Architecture (private)
- Deployment Best Practices
🌍 Use Cases
- Journalists & Activists — Secure communication in countries with internet censorship
- Business Travelers — Bypass restrictive corporate and hotel networks
- Privacy Advocates — Maintain anonymity without revealing VPN usage
- Remote Workers — Access corporate resources without detection
- IoT Security — Secure embedded device communication with stealth capabilities
⚠️ Legal Notice
OSTP is a proprietary software product. Unauthorized distribution, reverse engineering, or modification is prohibited. This project is intended for legitimate privacy protection purposes only. Users are responsible for complying with local laws regarding encryption and VPN usage.
This repository is private. Public README is provided for documentation purposes only.
📞 Contact
- Author: Ospab
- Email: ospab@ospab.host
- Website: (coming soon)
📜 License
Copyright © 2025-2026 Ospab. All rights reserved.
This software is proprietary and confidential. See LICENSE file for complete terms.
Built with Rust 🦀 | Engineered for Privacy 🔐 | Designed to Disappear 👻