Detecting HTTPS, WebSocket, and QUIC tunnels (and pivoting)
The defensive counterpart: how to catch encrypted tunnels - REALITY, VLESS-over-WebSocket, DoH, QUIC/MASQUE - with self-hosted, open-source tooling. Threat model and obfuscation levels, a controls-vs-evasions matrix, …