Product
Introducing Reports: An Extensible Reporting Framework for Socket Data
Explore exportable charts for vulnerabilities, dependencies, and usage with Reports, Socket’s new extensible reporting framework.
By André Staltz - Apr 21, 2026
Launch Week Day 1: Socket for Jira Is Now Available.Learn More →
tcp-tls-tunnel
Advanced tools
tcp-tls-tunnel
Provides NodeJS Http and Https agents that establish TCP and TLS connections via our modified poxy server.
TCP TLS Tunnel
Provides NodeJS Http and Https agents that establish TCP and TLS connections via our modified poxy server. Our TLS Layer pass ciphers and has SSL session ticket support by default. If you are really interested in testing it for free, you can find out more details in our Discord Channel.
Installation: npm i tcp-tls-tunnel
Discord Channel: TCP TLS Tunnel
Usage examples
Lets test it with axios and request so add import statements:
import axios from "axios";
import * as request from "request";
Firstly we have to create https Agent for https request:
import { TunnelHttpsAgent, CLIENTS } from "tcp-tls-tunnel";
const tunnelHttpsAgent = new TunnelHttpsAgent({
host: "127.0.0.1", // tunnel address
port: 1337, // tunnel port
auth: undefined, /* Optional, If tunneling server requires authentication, then pass credentials:
auth: {
login: "<your login>",
password: "<your login>",
}*/
proxy: undefined, /* or you can easilly use your own http proxy
proxy: {
host: "your.proxy.host",
port: 1234,
auth: { // optional
login: "<your proxy login>",
password: "<your proxy password>"
}
}
*/
client: CLIENTS.CHROME // also can simulate "FIREFOX" or "IOS". Optional. Default: "CHROME"
});
You can also use our util to fix mistakes in headers names and sort them correctly:
import { normalizeHeaders } from "tcp-tls-tunnel";
Declare User-Agent constant for the following request:
const USER_AGENT = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36";
Axios usage:
axios.get("https://www.howsmyssl.com/a/check", {
httpsAgent: tunnelHttpsAgent,
headers: normalizeHeaders({
Host: "www.howsmyssl.com",
Connection: "keep-alive",
"Upgrade-Insecure-Requests": "1",
"User-Agent": USER_AGENT,
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7"
})
})
.then(result => console.log({axios: result.data}))
.catch(e => console.error(e));
Output:
{ axios:
{ given_cipher_suites:
[ 'TLS_GREASE_IS_THE_WORD_BA',
'TLS_AES_128_GCM_SHA256',
'TLS_AES_256_GCM_SHA384',
'TLS_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_GCM_SHA256',
'TLS_RSA_WITH_AES_256_GCM_SHA384',
'TLS_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_AES_256_CBC_SHA' ],
ephemeral_keys_supported: true,
session_ticket_supported: true,
tls_compression_supported: false,
unknown_cipher_suite_supported: false,
beast_vuln: false,
able_to_detect_n_minus_one_splitting: false,
insecure_cipher_suites: {},
tls_version: 'TLS 1.3',
rating: 'Probably Okay' } }
Request usage:
request.get("https://www.howsmyssl.com/a/check", {
agent: tunnelHttpsAgent,
headers: normalizeHeaders({
Host: "www.howsmyssl.com",
Connection: "keep-alive",
"Upgrade-Insecure-Requests": "1",
"User-Agent": USER_AGENT,
Accept: "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9",
"Accept-Encoding": "gzip, deflate, br",
"Accept-Language": "ru-RU,ru;q=0.9,en-US;q=0.8,en;q=0.7"
})
}, ((error, response, body) => console.log({request: JSON.parse(body)})));
Output:
{ request:
{ given_cipher_suites:
[ 'TLS_GREASE_IS_THE_WORD_3A',
'TLS_AES_128_GCM_SHA256',
'TLS_AES_256_GCM_SHA384',
'TLS_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256',
'TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384',
'TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256',
'TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA',
'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA',
'TLS_RSA_WITH_AES_128_GCM_SHA256',
'TLS_RSA_WITH_AES_256_GCM_SHA384',
'TLS_RSA_WITH_AES_128_CBC_SHA',
'TLS_RSA_WITH_AES_256_CBC_SHA' ],
ephemeral_keys_supported: true,
session_ticket_supported: true,
tls_compression_supported: false,
unknown_cipher_suite_supported: false,
beast_vuln: false,
able_to_detect_n_minus_one_splitting: false,
insecure_cipher_suites: {},
tls_version: 'TLS 1.3',
rating: 'Probably Okay' } }
If you want to do an http request through our tunnel, you can also use TunnelHttpAgent:
import { TunnelHttpAgent } from "tcp-tls-tunnel";
FAQs
Provides NodeJS Http and Https agents that establish TCP and TLS connections via our modified poxy server.
We found that tcp-tls-tunnel demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Package last updated on 11 Nov 2020
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Socket for Jira Is Now Available
Socket for Jira lets teams turn alerts into Jira tickets with manual creation, automated ticketing rules, and two-way sync.
By Jeppe Hasseriis - Apr 20, 2026
Company News
Socket Named Top Sales Organization by RepVue
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
By Sarah Gooding - Apr 17, 2026