Unfortunately, this requires having root on a server that is associated with a .com domain that is not blocked by your corporation's proxy/firewall.

1) Set up your SSH server to listen on port 443.

2) Install corkscrew. If you are on Windows, Cygwin's install has a --no-admin option you can pass from the command line, which will allow you to install it to some local directory. Once you have Cygwin, you can install corkscrew with no problems.

3) Set up ~/.ssh/config to route all outgoing non-local SSH connections over corkscrew to port 443 on your .com.

4) Run an SSH tunnel via corkscrew through your server on port 443.

5) Set up Firefox to use a local SOCKS5 proxy through your tunnel, making sure to check the DNS prefetching checkbox.

6) Browse away.

What is happening here is that the firewall/proxy will not block outgoing HTTP connections to port 443 on a non-blocked domain because they look like a normal web browsing request. Since you are routing SSH over HTTP (using corkscrew) and accessing the default HTTPS port (443), your SSH connection will look like a regular HTTPS request to a website. Since your connection is encrypted, it is undistinguishable from normal web traffic, and it is highly unlikely that it will be blocked unless someone specifically looks into your traffic patterns and is sharp enough to recognize it (nobody has every caught me). None of port blocking, protocol filtering, or DNS filtering will be able to block your internet access (unless you leak DNS queries, which you will not if you use Firefox.)

I believe that this is foolproof and have had 100% success with it so far. If anyone can see any flaws, please comment. Otherwise, considering the plethora of partial solutions I found while establishing this method, I thought I might contribute my final workaround here.