A fast, modern, no-VPN DPI evader written in C++.
English-language port of SiktirGitDPI — same engine, internationalized README and CLI.
Many ISPs and national-level firewalls inspect TCP/TLS traffic with Deep Packet Inspection (DPI) to throttle, block, or man-in-the-middle specific destinations. DPIBust evades that inspection at the kernel level by mangling outbound packets so the DPI box can't reassemble them — while servers can.
- No VPN. Packets keep their original source/destination. No tunnel, no slowdown, no third party.
- Kernel-level. Uses WinDivert to intercept packets before they leave the NIC.
- Adaptive. Multiple strategies (TLS-split, wrong-checksum, fake-TTL, RST-drop, etc.) and an auto-tuner that picks the best one for your network.
Originally built against the four major Turkish ISPs (Türk Telekom, Turkcell Superonline, Vodafone, TurkNet) but the strategies are general and work against most modern DPI deployments.
vs. GoodbyeDPI: does everything GoodbyeDPI does, plus wrong-checksum strategy, ISP-RST drop, auto-strategy selection, and a GUI.
- Grab the latest release:
dpibust-v0.2.0-win64.zip - Unzip
- Double-click one of:
| Launcher | What it does |
|---|---|
GUI.cmd |
Graphical UI — pick a profile, hit start, watch live packet stats |
1_SAFE_START.cmd |
Only routes blocked sites — banks & .gov.* untouched |
2_TT_TurkTelekom.cmd |
Tuned for Türk Telekom |
3_Turkcell_Superonline.cmd |
Tuned for Turkcell |
4_Vodafone.cmd |
Tuned for Vodafone |
5_TurkNet.cmd |
Tuned for TurkNet |
7_AUTO_DETECT.cmd |
Probes your network and picks the strongest strategy automatically |
- Accept the UAC prompt (admin is required — we touch the kernel network stack)
- Browse normally
Stop:
Ctrl+Cin the window or double-clickstop.cmd.
| Strategy | What it does |
|---|---|
| TLS Split | Cuts the TCP segment in half right inside the SNI — DPI never sees a complete ClientHello |
| Wrong Checksum | Sends a poisoned-checksum decoy packet first; DPI processes it, server discards it |
| Fake TTL | Decoy with a TTL low enough to die at the DPI but not at the server |
| Inbound RST Drop | Drops forged RST packets the ISP injects to kill your connection |
| HTTP Mangle | Rewrites the Host: header into a form DPI doesn't recognize but servers do |
| DNS Redirect | Transparently routes DNS to 1.1.1.1 to defeat DNS hijacking |
| TCP Disorder | Reorders packets so DPI fails to reassemble |
| OOB / MD5 / Zero-Window | Additional confusion techniques |
| Feature | GoodbyeDPI | DPIBust |
|---|---|---|
| TLS Split + Fake TTL | ✅ | ✅ |
| Wrong Checksum | ✅ | ✅ |
| HTTP Mangle | ✅ | ✅ |
| Inbound RST drop | ❌ | ✅ |
| Auto-tune (probes & picks the best strategy) | ❌ | ✅ |
| Auto-TTL (ICMP-based discovery) | ❌ | ✅ |
| Transparent DNS redirect | ❌ | ✅ |
| Domain filter (allow- / block-list) | ❌ | ✅ |
| GUI | ❌ | ✅ |
| ISP presets | ❌ | ✅ |
| Flow tracking | ❌ | ✅ |
Double-click GUI.cmd:
- Pick an ISP profile from the dropdown
- Hit START
- Watch live packet flow in the stats panel
- Minimize-to-tray; closing the window keeps it running
# Default profile
dpibust.exe --preset tt --stats
# Auto-detect best strategy for a target
dpibust.exe --auto youtube.com
# Manual configuration
dpibust.exe --strategies tls-split,fake-ttl,wrong-chksum --fake-ttl auto --inbound-rst-drop
# List available strategies
dpibust.exe --list-strategies
# Version
dpibust.exe --version- Windows 10/11 (x64)
- CMake ≥ 3.20
- MinGW-w64 or Visual Studio 2022
# 1. Fetch the WinDivert SDK
.\scripts\get-windivert.ps1
# 2. Build
.\scripts\build.bat
# 3. Run tests
ctest --test-dir build -C ReleaseOutput: build\Release\dpibust.exe
powershell -ExecutionPolicy Bypass -File scripts\package.ps1DPIBust/
├── src/ C++ source
├── include/sgdpi/ Public headers
├── tests/ 39 unit tests
├── presets/ ISP profiles (.conf)
│ ├── tt.conf Türk Telekom
│ ├── turkcell.conf Turkcell Superonline
│ ├── vodafone.conf Vodafone
│ ├── turknet.conf TurkNet
│ ├── safe.conf Safe mode (allowlist)
│ ├── aggressive.conf All strategies
│ ├── blocked-sites.txt Block list
│ └── banks-safelist.txt Don't-touch list (banks, .gov, etc.)
├── releases/x64/ GUI + launcher scripts
├── scripts/ Build / package scripts
└── third_party/ WinDivert SDK (auto-fetched)
Q: Windows SmartScreen blocked it. A: Click "More info" → "Run anyway". Source is open — build it yourself if you'd rather.
Q: No profile is working.
A: Try 7_AUTO_DETECT.cmd. It probes your network and finds the best strategy in 30-60 seconds.
Q: Online banking / government sites break.
A: Use 1_SAFE_START.cmd. It only routes blocked sites; banks & .gov.* are passed untouched.
Q: I want it to start with Windows.
A: Double-click service_install.cmd. Installs as a Windows service.
Q: WinDivert errors.
A: Make sure you ran as admin. WinDivert.dll and WinDivert64.sys must sit next to dpibust.exe.
DPIBust is built for personal use, network research, and circumvention of unjust censorship. You are responsible for how you route your traffic.
MIT — see LICENSE.
- SiktirGitDPI — the Turkish-language original this project ports
- WinDivert — the kernel packet interception library this all stands on
- GoodbyeDPI — pioneering work that inspired several strategies here