{"id":20677232,"url":"https://github.com/operatorfoundation/adversarylabclientswift","last_synced_at":"2026-03-17T15:24:27.028Z","repository":{"id":49715246,"uuid":"247141809","full_name":"OperatorFoundation/AdversaryLabClientSwift","owner":"OperatorFoundation","description":"A port of the Adversary Lab client from Go to Swift","archived":false,"fork":false,"pushed_at":"2023-07-21T21:12:37.000Z","size":893,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":6,"default_branch":"main","last_synced_at":"2024-10-30T17:15:40.927Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Swift","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/OperatorFoundation.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-03-13T18:55:14.000Z","updated_at":"2024-04-25T18:57:02.000Z","dependencies_parsed_at":"2022-09-24T03:31:27.255Z","dependency_job_id":null,"html_url":"https://github.com/OperatorFoundation/AdversaryLabClientSwift","commit_stats":null,"previous_names":[],"tags_count":54,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OperatorFoundation%2FAdversaryLabClientSwift","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OperatorFoundation%2FAdversaryLabClientSwift/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OperatorFoundation%2FAdversaryLabClientSwift/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/OperatorFoundation%2FAdversaryLabClientSwift/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/OperatorFoundation","download_url":"https://codeload.github.com/OperatorFoundation/AdversaryLabClientSwift/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224969934,"owners_count":17400294,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-16T21:14:52.275Z","updated_at":"2025-12-26T16:03:39.667Z","avatar_url":"https://github.com/OperatorFoundation.png","language":"Swift","funding_links":[],"categories":[],"sub_categories":[],"readme":"# The Operator Foundation\n\n[Operator](https://operatorfoundation.org) makes useable tools to help people around the world with censorship, security, and privacy.\n\n## Adversary Lab\n\nAdversary Lab is a service that analyzes captured network traffic to extract statistical properties. Using this analysis, filtering rules can be synthesized to block sampled traffic.\n\nThe purpose of Adversary Lab is to give researchers and developers studying network filtering a way to understand how easy it is to block different protocols.\nIf you have an application that uses a custom protocol, Adversary Lab will demonstrate how a rule can be synthesized to systematically block all traffic using that protocol.\nSimilarly, if you have a network filtering circumvention tool, then Adversary Lab can synthesize a rule to block your tool.\nThis analysis can also be used to study tools that specifically attempt to defeat networking filtering, such as Pluggable Transports.\n\nAdversary Lab analysis works by training a classifier on two observed data sets, the \"allow\" set and the \"block\" set.\nFor instance, a simulated adversary could allow HTTP, but block HTTPS. By training the system with HTTP and HTTPS data, it will generate a rule that distinguishes these two classes of traffic based on properties observed in the traffic.\n\n## AdversaryLabClientSwift\n\nAdversaryLabClient is a command line tool written in Swift which captures traffic and submits it to AdversaryLab for analysis.\n\n#### Installation\n\nAdversary Lab is written in the Swift programming language. To compile it you need\nto install Swift 5.1 or higher:\n\n\u003chttps://swift.org/getting-started/\u003e\n\n\n#### Running\n\n##### All commands for the client must be run from the AdversaryLabClientSwift project directory\n\nTo use the client, Adversary Lab must already be running. See the [AdversaryLab documentation](https://github.com/OperatorFoundation/AdversaryLab) to set up and run AdversaryLab.\n\nTo interface with the AdversaryLab service, you need to use the command line client.\n\nRun the command line client without argument to get usage information:\n\n    ./.build/x86_64-apple-macosx/debug/AdversaryLabClientSwift\n\n**Train a simulated adversary by capturing network traffic that is designated as either allowed or blocked:**\n\n    sudo ./.build/x86_64-apple-macosx/debug/AdversaryLabClientSwift 80 allow\n\nThis will capture live traffic with a destination port of 80 and add it to the dataset as training for what traffic the adversary should allow.\n\nWe will also need to train the simulated adversary using captured network traffic that gives an example of what to block:\n\n    sudo ./.build/x86_64-apple-macosx/debug/AdversaryLabClientSwift 443 block\n\nThis will capture live traffic with a destination port of 443 and add it to the \"example\" dataset as training for what traffic the adversary should block.\n\n**Alternately you can capture network traffic first and assign the data as either allowed or blocked when you have are done capturing traffic:**\n\nIn this scenario you simply leave off the allow/block designation and only provide the port you would like Adversary Lab to listen on. Adversary lab will buffer your traffic until you type in either \"allow\" or \"block\". At which point it will stop recording and add it to the dataset based on your input.\n\nFor example:\n\n    sudo ./.build/x86_64-apple-macosx/debug/AdversaryLabClientSwift 443\n\nor\n\n    sudo ./.build/x86_64-apple-macosx/debug/AdversaryLabClientSwift 80\n\nOnce the simulated adversary has both \"allow\" and \"block\" traffic, and has observed at least three connections from each type, it can synthesize blocking rules.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foperatorfoundation%2Fadversarylabclientswift","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foperatorfoundation%2Fadversarylabclientswift","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foperatorfoundation%2Fadversarylabclientswift/lists"}