Specternet

<p align="center"> <img src="https://img.shields.io/badge/version-5.0.0-8855ff?style=for-the-badge" alt="Version"> <img src="https://img.shields.io/badge/python-3.8+-00d4ff?style=for-the-badge&logo=python&logoColor=white" alt="Python"> <img src="https://img.shields.io/badge/license-GPLv3-00ff88?style=for-the-badge" alt="License"> <img src="https://img.shields.io/badge/platform-Linux-ff3366?style=for-the-badge&logo=linux&logoColor=white" alt="Platform"> </p> <h1 align="center"> <br> SpecterNet <br> </h1> <h4 align="center">Advanced Network Anonymization Framework</h4> <p align="center"><i>by Zencefil Efendi</i></p>

---

   ███████╗██████╗ ███████╗ ██████╗████████╗███████╗██████╗ ███╗   ██╗███████╗████████╗
   ██╔════╝██╔══██╗██╔════╝██╔════╝╚══██╔══╝██╔════╝██╔══██╗████╗  ██║██╔════╝╚══██╔══╝
   ███████╗██████╔╝█████╗  ██║        ██║   █████╗  ██████╔╝██╔██╗ ██║█████╗     ██║
   ╚════██║██╔═══╝ ██╔══╝  ██║        ██║   ██╔══╝  ██╔══██╗██║╚██╗██║██╔══╝     ██║
   ███████║██║     ███████╗╚██████╗   ██║   ███████╗██║  ██║██║ ╚████║███████╗   ██║
   ╚══════╝╚═╝     ╚══════╝ ╚═════╝   ╚═╝   ╚══════╝╚═╝  ╚═╝╚═╝  ╚═══╝╚══════╝   ╚═╝

What is SpecterNet?

SpecterNet is a next-generation network anonymization framework that routes all system traffic through the Tor network. Built from the ground up with security-first principles, it goes far beyond simple proxy routing.

Key Features

| Feature | Description | |---------|-------------| | Full Traffic Routing | All TCP traffic redirected through Tor transparent proxy | | DNS Leak Protection | DNS queries routed through Tor to prevent DNS leaks | | IPv6 Leak Protection | Complete IPv6 blocking to prevent dual-stack leaks | | Kill Switch | Automatic traffic blocking if Tor connection drops | | Leak Test Engine | Built-in comprehensive leak testing (IP, DNS, IPv6, WebRTC) | | MAC Randomization | Hardware identity spoofing with realistic vendor OUI prefixes | | Network Namespace | Kernel-level traffic isolation - apps cannot bypass Tor | | obfs4 Bridge Mode | Censorship bypass using pluggable transports | | Exit Node Profiles | Country-based routing (stealth/speed/journalists/research/darkweb) | | Anti-Forensic Engine | Memory, swap, log, DNS/ARP cache cleanup | | Browser Hardening | WebRTC/WebGL/Canvas blocking + Firefox privacy settings | | Secure Firewall | iptables/ip6tables with proper error handling and rollback | | Modern TUI | Rich terminal interface with dashboard, circuit geography, and reports | | State Management | Tracks active sessions with full rollback on failure | | Logging | Detailed file logging for forensic analysis |

Security Improvements over TorGhost

• No more os.system() -- All commands use subprocess with error handling
• No bare exceptions -- Specific exception handling with proper logging
• IPv6 fully blocked -- Prevents IPv6 dual-stack leaks (TorGhost had none)
• Kill switch -- Watchdog daemon blocks traffic if Tor drops
• ControlPort authentication -- Cookie-based auth instead of open port
• Input validation -- Tor UID validated before use in firewall rules
• Rollback on failure -- Failed operations automatically roll back
• Timeout on all requests -- No more infinite hangs

Installation

Quick Install (Recommended)

git clone https://github.com/zencefilefendi/specternet.git
cd specternet
chmod +x build.sh
sudo ./build.sh

Manual Install

git clone https://github.com/zencefilefendi/specternet.git
cd specternet
sudo apt install tor python3-pip
pip3 install -r requirements.txt
sudo pip3 install -e .

Requirements

• OS: Linux (Debian/Ubuntu/Kali/Parrot)
• Python: 3.8+
• Tor: Installed and available in PATH
• Privileges: Root (sudo)

Usage

sudo specternet [OPTION]

| Flag | Long | Description | |------|------|-------------| | -s | --start | Start SpecterNet anonymization | | -x | --stop | Stop and restore network | | -r | --switch | Request new Tor exit node | | -t | --test | Run comprehensive leak tests | | -i | --info | Show status dashboard | | -h | --help | Show help message | | -m | --mac | Randomize MAC address + hostname | | -b | --bridge | Enable obfs4 bridge mode | | -p | --profile NAME | Set exit profile (stealth/speed/journalists/research) | | -n | --namespace | Network namespace isolation | | -c | --cleanup | Anti-forensic cleanup | | | --harden | Apply Firefox browser hardening | | | --cleanup-full | Full cleanup (swap + memory + logs) | | | --no-ks | Start without kill switch | | -v | --verbose | Enable verbose logging |

Examples

# Standard start (kill switch enabled)
sudo specternet -s

# Full stealth: MAC + namespace + bridge + stealth exits
sudo specternet -s -m -n -b -p stealth --harden

# Start with MAC randomization + bridge mode
sudo specternet -s -m -b

# Get a new identity (new exit node)
sudo specternet -r

# Run comprehensive leak tests (IP/DNS/IPv6/WebRTC)
sudo specternet -t

# View dashboard with circuit geography
sudo specternet -i

# Switch to journalists exit profile
sudo specternet -p journalists

# Full anti-forensic cleanup
sudo specternet --cleanup-full

# Stop and restore normal network
sudo specternet -x

Architecture

specternet/
  __init__.py      # Package metadata
  cli.py           # Main entry point & argument parsing
  config.py        # Centralized configuration & state management
  firewall.py      # iptables/ip6tables rule management
  tor_manager.py   # Tor daemon lifecycle & circuit control
  killswitch.py    # Connection watchdog & emergency blocking
  leak_test.py     # IP, DNS, IPv6 leak detection
  ui.py            # Rich terminal interface & dashboard

How It Works

+---------------------------------------------------+
|                  SpecterNet                        |
|                                                    |
|  +----------+  +----------+  +--------------+     |
|  | Firewall |  |   Tor    |  | Kill Switch  |     |
|  | iptables |--| Daemon   |--| (Watchdog)   |     |
|  | ip6tables|  |          |  |              |     |
|  +----------+  +----------+  +--------------+     |
|       |              |              |              |
|       v              v              v              |
|  +--------------------------------------------+   |
|  |           Leak Test Engine                  |   |
|  |    IP Check | DNS Test | IPv6 Test          |   |
|  +--------------------------------------------+   |
|                      |                             |
|                      v                             |
|  +--------------------------------------------+   |
|  |          Rich TUI Dashboard                 |   |
|  +--------------------------------------------+   |
+---------------------------------------------------+

1. Tor Configuration -- Writes secure torrc with cookie authentication
2. DNS Redirect -- Points resolv.conf to localhost Tor DNS
3. Tor Daemon -- Starts with transparent proxy on port 9040
4. Firewall Rules -- iptables redirects all TCP through Tor, blocks IPv6
5. Kill Switch -- Monitors Tor, blocks all traffic if it drops
6. Leak Tests -- Verifies no IP/DNS/IPv6 leaks

Disclaimer

This tool is intended for authorized security testing, privacy research, and educational purposes only. The user is solely responsible for complying with all applicable laws. Misuse of this tool may violate local, state, or federal laws.

Credits

• Developed by Zencefil Efendi

License

This project is licensed under the GNU General Public License v3.0 -- see the LICENSE file for details.