Automic VaultAutomic Vault

brew

Install obfs4proxy with Homebrew, apt

Pluggable transport proxy for Tor, implementing obfs4. Version 0.0.14 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install obfs4proxy

local Homebrew formula metadata

Linux

Debian aptverified · 92%
sudo apt install obfs4proxy

Debian stable package indexes · obfs4proxy · source: deb.debian.org

overview

Package summary

Pluggable transport proxy for Tor, implementing obfs4

Commands and aliases

  • obfs4proxy

history

Project history and usage

obfs4proxy is the executable from Yawning Angel's obfs4 project, a Go implementation of the obfs4 Tor pluggable transport. Its job is to transform Tor traffic between a censored client and a bridge so that network observers see obfuscated traffic rather than a recognizable Tor connection.

Project history

The upstream README describes obfs4 as a "look-like nothing" obfuscation protocol that borrows concepts from Philipp Winter's ScrambleSuit while changing the handshake design. The protocol uses the Tor Project's ntor handshake with public keys obfuscated through Elligator 2, and the link layer uses NaCl secret boxes based on Poly1305 and XSalsa20.

The GitLab project record was created on 2019-01-16, but the protocol and proxy have older Tor ecosystem roots; Debian packaging and historical discussions predate that GitLab creation date. The executable kept compatibility paths for obfs2 and obfs3 client/server modes and ScrambleSuit client mode to ease migration while obfs4 became the main focus.

Adoption history

Tor's bridge-operator documentation tells volunteers how to set up an obfs4 bridge for censored users and links platform-specific deployment guides across Linux distributions, BSD systems, Windows, and Docker. The same Tor page notes that the obfs4 project was renamed to lyrebird for source-building guidance, reflecting a handoff in anti-censorship transport maintenance while the `obfs4proxy` package name persists in distributions.

Debian packages obfs4proxy in the net section and describes it as compliant with the Tor pluggable transports specification, containing both client and bridge functionality in one program. Homebrew core packaged version 0.0.14 and recorded 532 installs over 365 days in the 2026-07-01 formula JSON.

How it is used

Operators run obfs4proxy from Tor configuration using `ServerTransportPlugin obfs4 exec ...` on bridges and `ClientTransportPlugin obfs4 exec ...` on clients. The upstream README also documents generated bridge parameters in Tor's pluggable-transport state directory and suggests using Linux capabilities when a bridge needs to bind low-numbered ports without running as root.

The Tor pluggable transport specification explains the broader architecture that obfs4proxy implements: Tor launches modular subprocesses that transform traffic for censorship circumvention. In practice, obfs4proxy is the subprocess that speaks the obfs4 transport while Tor handles relay and bridge behavior around it.

Why package nerds care

obfs4proxy is significant because it is not just another proxy binary; it is distribution-packaged anti-censorship infrastructure. Package managers make it easy for bridge operators and users to deploy the exact helper process Tor expects, while preserving a small single-executable interface around fairly specialized cryptographic and transport behavior.

Timeline

  • 2019-01-16: the GitLab project record for yawning/obfs4 was created.
  • 2026-07-01: Homebrew core formula metadata listed stable version 0.0.14 and the `obfs4proxy` executable.
  • 2026-07-01: Debian sid package metadata listed obfs4proxy 0.0.14-2 variants across multiple architectures.

Related projects

  • obfs4proxy belongs to Tor's pluggable-transport family and is related to older transports obfs2, obfs3, and ScrambleSuit, plus later Tor anti-censorship transports such as WebTunnel and Snowflake. The upstream project page and Tor bridge guide connect the historical obfs4 name with the lyrebird source project name used in newer Tor documentation.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 13 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
obfs4proxycliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.0.14
manager updated
local dataok
upstreamnot checked
latest detectednot detected

https://gitlab.com/yawning/obfs4

  • infoNo package-manager update timestamp was available.low confidence
  • infoRelease/tag comparison is only available for GitHub repositories.https://gitlab.com/yawning/obfs4none confidence

install metadata

Package metadata

Package keybrew:obfs4proxy
Version0.0.14
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/obfs4proxy
Homepagehttps://gitlab.com/yawning/obfs4
Repositoryhttps://gitlab.com/yawning/obfs4
Upstream docshttps://gitlab.com/yawning/obfs4/-/blob/master/README.md
LicenseBSD-2-Clause
Source archivehttps://gitlab.com/yawning/obfs4/-/archive/obfs4proxy-0.0.14/obfs4-obfs4proxy-0.0.14.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameobfs4proxy
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

obfs4proxy 0.0.14-2+b5

pluggable transport proxy for Tor, implementing obfs4

https://gitlab.com/yawning/obfs4

sudo apt install obfs4proxy
  • Section: net
  • Architecture: amd64
  • Source Package: obfs4proxy
  • 1 dependencies
  • normalized package name match
  • Matched by: Obfs4proxy
Debian stable package indexes · deb.debian.org · Debian stable package indexes: obfs4proxy from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Ubuntu apt95%

obfs4proxy 0.0.14-1build1

pluggable transport proxy for Tor, implementing obfs4

https://gitlab.com/yawning/obfs4

sudo apt install obfs4proxy
  • Section: universe/net
  • Architecture: amd64
  • 1 dependencies
  • normalized package name match
  • Matched by: Obfs4proxy
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: obfs4proxy from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment