Inside the 500GB leak of China’s Great Firewall code

China’s Great Firewall has suffered its largest leak: more than 500 GB of source code, documents, and operational logs were exposed publicly. The archive bundles instructions, repositories, and build systems linked to the upkeep of the country’s internet censorship infrastructure.

According to researchers, the materials originate from Geedge Networks and the MESA laboratory of the Chinese Academy of Sciences. Among the trove are modules for DPI platforms, VPN detection, SSL fingerprinting, and exhaustive logging of internet sessions. Particular focus falls on the commercial system Tiangou, presented as a firewall in a box for service providers and state network hubs.

The documents also reveal the reach of these technologies beyond China. In Myanmar, the system spanned 26 data centers and controlled up to 81 million TCP connections at once. Similar solutions were exported to Pakistan, Ethiopia, and Kazakhstan, where they were used for mass filtering and traffic monitoring.

Experts describe the leak as unprecedented, offering a rare look at how Chinese censorship is engineered and commercialized. Analysts say that studying the source code may expose weak points in filtering systems, while activists have already shared the archive and urged caution when examining it. The scale and specificity conveyed by the files suggest a mature, industrialized apparatus whose inner workings are revealed with unusual clarity.