[FOSS] Shrimp - A Secure Forward HTTPS Proxy in < 700 Lines of Code

chadsixchadsix Services Provider
in Free Offers and Stuff

We introduce Shrimp [1], an open source [2] forward HTTPS proxy.

Shrimp was built since the great Squid was > 100,000 lines of code which made it difficult for us to audit. Further, we needed a forward proxy that worked in a very specific way:

Regular Mode

  • Traffic goes over IPv4 or IPv6, whichever your stack decides

Lockdown Mode

  • Traffic goes over IPv6 and uses NAT64 for IPv4, locked to a specific network interface

Shrimp will be very convenient for VPN providers who use Squid to provide forward HTTPS proxy services. Besides being lighter, Shrimp hashes passwords with bcrypt which is more secure at rest than the typical hashing used in other forward proxies.

For us, we built it so that we could provide a proxy appliance to our end users on Cloud Seeder which allows them to both run their own double hop proxy where they control one of the hops and also gain plausible deniability.

Here's a video of it in action in our appliance:

We hope you find this useful just like our other open source repositories!

[1] Shrimp was released a little under a week ago but was not shared due to limitations on post frequency! The wait was small, though and we hope you think it was worth it!

[2] Shrimp is licensed under COOL (no restrictions just include attribution)

Start self hosting with an external IP with IPv6rs.
The only thing between your host and your data is trust. Trust is not security.

Thanked by (1)bliss
Tagged:

Comments

  • FritzFritz

    Does it do caching also?

    https://microlxc.net/

  • chadsixchadsix Services Provider

    Unfortunately, since it's primary purpose is simply to redirect and mask traffic, it doesn't perform caching. In terms of TLS/HTTPS traffic, it wouldn't be able to even if it could, but it isn't doing it on HTTP either (it's more a privacy forward proxy).

    Sorry if this brings any inconvenience to you. :(

    Start self hosting with an external IP with IPv6rs.
    The only thing between your host and your data is trust. Trust is not security.

  • wankelwankel OG

    I like the pun on the name. Did you realize babywhales may eat squid, but squid has shrimp for breakfast?

    Thanked by (3)chadsix yoursunny fluttershy
  • yoursunnyyoursunny OG

    @wankel said:
    I like the pun on the name. Did you realize babywhales may eat squid, but squid has shrimp for breakfast?

    The babywhale eats bash and spits kvm.

    HostBrr aff best VPS; VirmAche aff worst VPS.
    Unable to push-up due to shoulder injury 😣

Sign In or Register to comment.