Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Build Status CircleCI Codacy Badge


Reverse socks5 tunneler with SSL/TLS and proxy support (without proxy authentication and with basic/NTLM proxy authentication) Based on and


  • Single executable (thanks to Go!)
  • Linux/Windows/Mac/BSD support
  • Encrypted communication with TLS
  • Support for proxies (without authentication or with basic/NTLM proxy authentication)
  • Automatic SSL/TLS certificate generation if not specified


  • server = locally listening socks server
  • client = client which connects back to server


1) Start on VPS: revsocks -listen :8443 -socks -pass SuperSecretPassword
2) Start on client: revsocks -connect clientIP:8443 -pass SuperSecretPassword
3) Connect to on the VPS with any socks5 client.
4) Enjoy. :]

Optional parameters

Add params:
 -proxy - connect via proxy
 -proxyauth Domain/username:password  - proxy creds
 -proxytimeout 2000 - server and clients will wait for 2000 msec for proxy connections... (Sometime it should be up to 4000...)
 -useragent "Internet Explorer 9.99" - User-Agent used in proxy connection (sometimes it is usefull)
 -pass Password12345 - challenge password between client and server (if not match - server reply 301 redirect)
 -recn - reconnect times number. Default is 3. If 0 - infinite reconnection
 -rect - time delay in secs between reconnection attempts. Default is 30


  • Go 1.4 or higher
  • Few external Go modules (yamux, go-socks5 and go-ntlmssp)

Compile and Installation

Linux VPS

  • install Golang: apt install golang
export GOPATH=~/go
go get
go get
go get
go build


./revsocks -listen :8443 -socks -pass Password1234

Windows client:

  • download and install golang
go get
go get
go get
go build

Windows optional

optional: to build as Windows GUI:

go build -ldflags -H=windowsgui

You can also compress exe - just use any exe packer, ex: UPX

upx revsocks

Usage examples

revsocks -connect clientIP:8443 -pass Password1234

or with proxy and user agent:

revsocks -connect clientIP:8443 -pass Password1234 -proxy proxy.domain.local:3128 -proxyauth Domain/userpame:userpass -useragent "Mozilla 5.0/IE Windows 10"

Client connects to server and send agentpassword to authorize on server. If server does not receive agentpassword or reveive wrong pass from client (for example if spider or client browser connects to server ) then it send HTTP 301 redirect code to

Custom certificate

Generate self-signed certificate with openssl:

openssl req -new -x509 -keyout server.key -out server.crt -days 365 -nodes