Development

We were asked to talk about the protocol technology XHTTP in the context of XRay, VLESS, and others. You asked for it, so here it is!

First, a bit of history. The classic use of VLESS and similar proxy protocols (including with XTLS-Reality) involves the client connecting directly to a proxy server running on some VPS. However, in many countries (including Russia), entire subnets of popular hosting providers have started to be blocked (or throttled), and in other countries, censors have begun to monitor connections to 'single' addresses with high traffic volumes. Therefore, for a long time, ideas of connecting to proxy servers through CDNs (Content Delivery Networks) have been considered and tested. Most often, the websocket transport was used for this, but this option has two major drawbacks: it has one characteristic feature (I won't specify it here to not make the RKN's job easier), and secondly, the number of CDNs that support websocket proxying is not that large, and it would be desirable to be able to proxy through those that do not.

Therefore, first in the well-known Tor project for bridges, the meek transport was invented, which allowed data to be transmitted using numerous HTTP request-response pairs, thus allowing connections to bridges (proxies) through any CDN. A little later, the same transport was implemented in the briefly resurrected V2Ray. But meek has two very significant drawbacks that stem from its operating principle: the speed is very low (in fact, we have half-duplex transmission and huge overhead from constant requests-responses), and due to the huge number of GET/POST requests every second, free CDNs can quickly kick us out, and paid ones can present a hefty bill.

Hello everyone, in this article I will explain how many people manage to bypass whitelists, and what the root of the problem is. If you are a 'newbie' and don't want to bother with all the setup, at the <a href="#services"> end of the article</a> I've listed services that are mentioned in discussions.

Direct connect VLESS + Reality to Europe (Amsterdam, Germany, Finland) is being shaped for almost everyone. TSPU has mastered a new tactic: they don't terminate the session via RST, but simply 'freeze' it. As soon as the data volume in a single TCP session exceeds 15-20 KB, packets stop arriving. The connection hangs until the client times out.

In 2025, sexting has become a real trend thanks to sexting neural networks and convenient platforms that make online intimate messaging safe and exciting. With the development of artificial intelligence, online sexting has turned into an art where everyone can enjoy virtual flirting without risk. I tested dozens of services and selected the TOP 10 bots and apps for sexting in Russian, evaluating them based on convenience, anonymity, and the quality of sexual correspondence. These sexting services offer everything: from anonymous sexting to virtual sex chat with self-destructing photos. Let's figure out which sexting chatbots and platforms are worthy of your attention and how they work.

Lately, there has been a flood of comments that goodbyedpi is not working again, so I decided to make instructions for you on 4 working ways to restore goodbyedpi's functionality. It works differently for everyone, so test them out to see which one suits you. Write in the comments what helped you, maybe some of your own values!

Greetings, dear readers! Continuing the SH article series, in this article we decided to focus in more detail on bots in Telegram, as in many cases they are no worse and more effective than common OSINT tools. The bots discussed in this article will mainly concern reconnaissance on Telegram users.

Disclaimer: All data provided in this article is taken from open sources. It does not call for action and is provided for informational purposes only, and for studying the mechanisms of the technologies used.

In a changing network infrastructure, mobile internet users face questions: what resources remain available, and what does this look like on a technical level? This material is the result of a practical study using standard network analysis tools.

No speculation—only measurements, numbers, and technical facts.

Hello everyone!

I, at my own risk, decided to install MAX and see what happens after installation. My research will result in at least 2 articles.

This is the first article. In it, I will compare the permissions requested by the MAX app for Android with the permissions requested by Telegram and WhatsApp.

Today, the major release v2rayN v7.0 was released, and along with it, my series of commits that add support for the "Russia" preset.

For it to work, a Russian source of geo files for v2ray/sing-box/etc. was also created.

This year, like many Habr visitors, I read with great interest the articles by the respected MiraclePtr, learned to apply his ideas and recommendations, and got practical experience with protocols, clients, and graphical panels. For many protocols, there are detailed installation and configuration instructions available to even the most inexperienced users who are just starting to explore the world of Linux.

I finally got around to the protocol briefly described in the article "Modern Anti-Censorship Technologies: V2Ray, XRay, XTLS, Hysteria, Cloak, and Everything Else" — the Hysteria protocol, which has already reached its second version. And I couldn't find a comprehensive Russian-language guide for it, which prompted me to gather all the information in one place once I figured out the main issues of installing and configuring the server and clients for using this protocol to bypass blocking.

The vast majority of the OSINT community is interested in analyzing individuals. Well, so be it. I've prepared a selection of various bots and services for you (GB and others are not included in the list, as even the lazy know about them, and it's not really OSINT anyway).

In the RU segment, VK is the pioneer of social media analysis. Although Telegram has started to move away from being just a messenger, transforming into a social network and gaining more and more popularity, it still doesn't come close to the volume of potentially important information about a target.

— It's worth noting that VKontakte is already starting to die out, and in my opinion, in two or three years, analysis of it will no longer be as relevant as it once was. People are using it noticeably less often. Still, VK remains a key tool for analyzing a person's biography, interests, social circle, origin, etc.

1. 220vk — An old, good, and rather worn-out service that allows you to identify hidden friends, find out who the target has followed/unfollowed, and their interests based on subscriptions to communities and people (with a timeline), as well as what changes have been made to their profile, etc.

2. VKHistoryRobot — A Telegram bot that gives you an idea of what a profile looked like in the past(very useful if the profile is private). It provides information in the form of a brief dump: Full Name; URL; photo.

3. FindClone, search4faces — reverse image search services for VK that allow you to search for a profile using an uploaded photo. Of these two, search4faces is free.

4. Social Graph Bot — a Telegram bot that allows you to build relationship graphs among a list of friends. With this tool, you will understand how diverse the social circle is, who among the friends is a relative, etc.; whether the account is legitimate and if it has connections to any group of people. (There are many applications, here is a guide from habr for you)

You can find even more interesting and educational content on my Telegram channel — @secur_researcher

There are several similar articles on this topic, but while I was trying to recover my account, I never saw this solution, so I decided to post it. I hope it will help someone.

I'll say right away that this situation happened before the 'boom' in the news about Telegram hacks, so it wasn't as well-known.

The whole story began when an acquaintance of mine wrote to me and asked for help in restoring access to her Telegram account. I was immediately surprised because I didn't think Telegram accounts were hacked at all, as login is usually by phone number, and without having the phone, you can only log in with a QR code or a code from the messenger itself.

Well, what could I do? I started trying to log into the account. Naturally, the app made it clear that I wouldn't be able to do so anytime soon.

Well, there have been quite a few articles on these topics, but I want to share the tools and experience that, in my practice, have proven to be very convenient and of high quality. There will be both individual methods for specific applications and universal ones that will help solve problems all at once.

VPN server

Well, let's probably start with the simplest and most universal method that will help you with everything: setting up your own VPN server on protocols like shadowsocks, openvpn, vless, vmess, trojan. The main advantage is that with a good client, the ping will be minimal. Many use Outline, which is very laggy, or v2rayN, which works much better. Speaking of other cool and high-quality clients, you can try Hiddify. If you know of any better ones, you can write about them in the comments. The essence is simple: you can buy a server and install everything yourself; there are plenty of guides,here'sone I personally used, everything is intuitive and without any problems. It solves absolutely all blocks for YouTube, Telegram, Discord, X (Twitter), and ChatGPT.

2. Next, let's move on to a method that helps with Discord and YouTube.

The reality of today is that most people write dossiers on themselves in their social networks. In this article, you will learn about some tools that will help you find out the maximum amount of information about a person.

In the fall of 2025, many people, myself included, opened their favorite hardware store to 'quickly grab another 32–64 GB of DDR5 for games, an IDE, and a couple of Docker containers'—only to close the tab in mild culture shock. The memory that cost a 'reasonable' amount in the summer suddenly cost almost as much as a mid-range graphics card.

In short, this isn't 'greedy stores' but the consequence of a rather complex restructuring of the entire DRAM market for AI servers and HBM memory. In this article, we'll explore what's happening at memory factories, why PC modules are suffering the most, what to expect in 2026, and how to make upgrade decisions if you're a gamer, developer, or just a hardware enthusiast.

In 2025, internet censorship in Russia, China, and Iran has reached an unprecedented level. Traditional VPN protocols like OpenVPN and even WireGuard are detected and blocked by Deep Packet Inspection (DPI) systems in seconds. Enter VLESS — a lightweight protocol that is becoming the last working solution for bypassing modern censorship.

This article explains how VLESS works on a technical level, why it is so effective at evading detection, and shares real-world experience of building a VPN service in Russia's hostile environment.

A VPN is a technology for a secure connection to a remote computer or network, and for most users, it's simply a safe way to use the internet in public Wi-Fi zones.

In this article, we will look at four ways to create your own VPN. Let's start with the simplest option, which is manageable even for novice PC users.

Greetings, dear readers! Continuing the SHX article series, in this article, we decided to focus in more detail on OSINT bots in Telegram, as in many cases they are no less effective than common OSINT tools. The OSINT bots discussed in this article will mainly concern reconnaissance on Telegram users. This material has been edited and republished due to being blocked by Roskomnadzor in the Russian Federation.

Disclaimer: All data provided in this article is taken from open sources. It does not call for action and is provided for informational purposes only, and for studying the mechanisms of the technologies used.

In this article, we will look at 3 ways to set up a VPN connection with VLESS and Reality.

VLESS is a modern, privacy-oriented data transfer protocol, often called VLESS VPN, although strictly speaking, we will be discussing the installation of a proxy with the VLESS protocol based on an XRay server with Reality.

Let's start with the simplest and most universal option, which requires no technical knowledge.