COMMSEC: Say What You Want – Building a Full-Speed Anti-Censorship Router


August 24, 2023




CommSec Track

Since this talk was presented in #HITB2023AMS, I have been receiving email and tweet DMs asking for more information. So I decided to bring this talk back to HITB2023HKT. With additional stories.

Reversing GFW (Great FireWALLl) is not a new topic, but it evolved over the years. Especially these past 3 years, things have changed and the WALL has become greater and stronger. As a person staying in China since 28th Jan 2020, this talk is to share the knowledge behind and over the WALL. Final goal is to reach the full capacity from the ISP and to gain access to the world.

We will still cover some brief history of the WALL and different types of WALL. We will also talk about the filtering target. As in not only for outgoing traffic to the real internet, but internally too.

We will also cover methods to bypass and intro to different protocols, such as:

  • VPN
  • Not so VPN (Vmess, Vless, Trojan and etc.)

We will also discuss typical methods that we use (v2ray, xray, clash and etc). Also, during extreme time with extreme tricks:

  • Why and how is this happening
  • We do know when it’s not gonna work
  • DNS pollution
  • Additional lock period

Finally a journey to building a home router:

  • Specs and software
  • Which protocol to choose
  • OS/Software maintenance
  • How to make a non-zh_cn firmware
  • non-zh_cn tooks
  • Github able to help?
  • Nodes to escape, how to choose

Finally – gain access to the real internet at full speed!


Qiling Framework

KaiJern (@xwings). Founder of open source reverse engineering project, Qiling Framework ( His research topic is mainly on developing cutting edge cross platform reverse engineering framework, embedded devices security, blockchain security, and various security topics.

He presented his findings in different international security conferences like Blackhat, Defcon, HITB, Codegate, QCon, KCon, Brucon, H2HC, Nullcon, etc. He conducted hardware hacking courses in various conferences around the globe.

He is also actively involved in Unicorn Engine (, Capstone Engine (, Keystone Engine ( and