Skills

flowdriver-covert-transport

Installation
SKILL.md

FlowDriver Covert Transport

Skill by ara.so — Daily 2026 Skills collection.

FlowDriver tunnels SOCKS5 proxy traffic through Google Drive API calls, making network traffic appear as legitimate cloud storage activity. It treats a shared Drive folder as a bidirectional data queue: the client uploads binary-encoded request packets, the server polls for them, opens real TCP connections, and returns responses as Drive files.

How It Works

Local App → SOCKS5 → FlowDriver Client → Google Drive Folder → FlowDriver Server → Internet
                      (upload requests)   (shared queue)        (download + proxy)
  1. Client listens on a local SOCKS5 port, encodes TCP requests into a binary protocol, and uploads them to a Drive folder.
  2. Server polls the same folder, downloads request files, opens real TCP connections to destinations, and uploads response files back.
  3. Traffic appears as normal googleapis.com API calls — resilient against SNI-based and DPI filtering.
Installs
233
Repository
aradotso/trending-skills
GitHub Stars
40
First Seen
Apr 26, 2026
Security Audits
Gen Agent Trust HubFail
SocketWarn
SnykFail
flowdriver-covert-transport — aradotso/trending-skills