by Zencefil Efendi
███████╗██████╗ ███████╗ ██████╗████████╗███████╗██████╗ ███╗ ██╗███████╗████████╗
██╔════╝██╔══██╗██╔════╝██╔════╝╚══██╔══╝██╔════╝██╔══██╗████╗ ██║██╔════╝╚══██╔══╝
███████╗██████╔╝█████╗ ██║ ██║ █████╗ ██████╔╝██╔██╗ ██║█████╗ ██║
╚════██║██╔═══╝ ██╔══╝ ██║ ██║ ██╔══╝ ██╔══██╗██║╚██╗██║██╔══╝ ██║
███████║██║ ███████╗╚██████╗ ██║ ███████╗██║ ██║██║ ╚████║███████╗ ██║
╚══════╝╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚══════╝╚═╝ ╚═╝╚═╝ ╚═══╝╚══════╝ ╚═╝
SpecterNet is a next-generation network anonymization framework that routes all system traffic through the Tor network. Built from the ground up with security-first principles, it goes far beyond simple proxy routing.
| Feature | Description |
|---|---|
| Full Traffic Routing | All TCP traffic redirected through Tor transparent proxy |
| DNS Leak Protection | DNS queries routed through Tor to prevent DNS leaks |
| IPv6 Leak Protection | Complete IPv6 blocking to prevent dual-stack leaks |
| Kill Switch | Automatic traffic blocking if Tor connection drops |
| Leak Test Engine | Built-in comprehensive leak testing (IP, DNS, IPv6, WebRTC) |
| MAC Randomization | Hardware identity spoofing with realistic vendor OUI prefixes |
| Network Namespace | Kernel-level traffic isolation - apps cannot bypass Tor |
| obfs4 Bridge Mode | Censorship bypass using pluggable transports |
| Exit Node Profiles | Country-based routing (stealth/speed/journalists/research/darkweb) |
| Anti-Forensic Engine | Memory, swap, log, DNS/ARP cache cleanup |
| Browser Hardening | WebRTC/WebGL/Canvas blocking + Firefox privacy settings |
| Secure Firewall | iptables/ip6tables with proper error handling and rollback |
| Modern TUI | Rich terminal interface with dashboard, circuit geography, and reports |
| State Management | Tracks active sessions with full rollback on failure |
| Logging | Detailed file logging for forensic analysis |
- No more
os.system()-- All commands usesubprocesswith error handling - No bare exceptions -- Specific exception handling with proper logging
- IPv6 fully blocked -- Prevents IPv6 dual-stack leaks (TorGhost had none)
- Kill switch -- Watchdog daemon blocks traffic if Tor drops
- ControlPort authentication -- Cookie-based auth instead of open port
- Input validation -- Tor UID validated before use in firewall rules
- Rollback on failure -- Failed operations automatically roll back
- Timeout on all requests -- No more infinite hangs
git clone https://github.com/zencefilefendi/specternet.git
cd specternet
chmod +x build.sh
sudo ./build.shgit clone https://github.com/zencefilefendi/specternet.git
cd specternet
sudo apt install tor python3-pip
pip3 install -r requirements.txt
sudo pip3 install -e .- OS: Linux (Debian/Ubuntu/Kali/Parrot)
- Python: 3.8+
- Tor: Installed and available in PATH
- Privileges: Root (sudo)
sudo specternet [OPTION]
| Flag | Long | Description |
|---|---|---|
-s |
--start |
Start SpecterNet anonymization |
-x |
--stop |
Stop and restore network |
-r |
--switch |
Request new Tor exit node |
-t |
--test |
Run comprehensive leak tests |
-i |
--info |
Show status dashboard |
-h |
--help |
Show help message |
-m |
--mac |
Randomize MAC address + hostname |
-b |
--bridge |
Enable obfs4 bridge mode |
-p |
--profile NAME |
Set exit profile (stealth/speed/journalists/research) |
-n |
--namespace |
Network namespace isolation |
-c |
--cleanup |
Anti-forensic cleanup |
--harden |
Apply Firefox browser hardening | |
--cleanup-full |
Full cleanup (swap + memory + logs) | |
--no-ks |
Start without kill switch | |
-v |
--verbose |
Enable verbose logging |
# Standard start (kill switch enabled)
sudo specternet -s
# Full stealth: MAC + namespace + bridge + stealth exits
sudo specternet -s -m -n -b -p stealth --harden
# Start with MAC randomization + bridge mode
sudo specternet -s -m -b
# Get a new identity (new exit node)
sudo specternet -r
# Run comprehensive leak tests (IP/DNS/IPv6/WebRTC)
sudo specternet -t
# View dashboard with circuit geography
sudo specternet -i
# Switch to journalists exit profile
sudo specternet -p journalists
# Full anti-forensic cleanup
sudo specternet --cleanup-full
# Stop and restore normal network
sudo specternet -xspecternet/
__init__.py # Package metadata
cli.py # Main entry point & argument parsing
config.py # Centralized configuration & state management
firewall.py # iptables/ip6tables rule management
tor_manager.py # Tor daemon lifecycle & circuit control
killswitch.py # Connection watchdog & emergency blocking
leak_test.py # IP, DNS, IPv6 leak detection
ui.py # Rich terminal interface & dashboard
+---------------------------------------------------+
| SpecterNet |
| |
| +----------+ +----------+ +--------------+ |
| | Firewall | | Tor | | Kill Switch | |
| | iptables |--| Daemon |--| (Watchdog) | |
| | ip6tables| | | | | |
| +----------+ +----------+ +--------------+ |
| | | | |
| v v v |
| +--------------------------------------------+ |
| | Leak Test Engine | |
| | IP Check | DNS Test | IPv6 Test | |
| +--------------------------------------------+ |
| | |
| v |
| +--------------------------------------------+ |
| | Rich TUI Dashboard | |
| +--------------------------------------------+ |
+---------------------------------------------------+
- Tor Configuration -- Writes secure torrc with cookie authentication
- DNS Redirect -- Points resolv.conf to localhost Tor DNS
- Tor Daemon -- Starts with transparent proxy on port 9040
- Firewall Rules -- iptables redirects all TCP through Tor, blocks IPv6
- Kill Switch -- Monitors Tor, blocks all traffic if it drops
- Leak Tests -- Verifies no IP/DNS/IPv6 leaks
This tool is intended for authorized security testing, privacy research, and educational purposes only. The user is solely responsible for complying with all applicable laws. Misuse of this tool may violate local, state, or federal laws.
- Developed by Zencefil Efendi
This project is licensed under the GNU General Public License v3.0 -- see the LICENSE file for details.