v2.1.0

Changelog

Fixed

• Fix java.lang.NumberFormatException error (closes #15) by @sleeyax in #105

Added

• Write certificate files to user configuration directory by default by @sleeyax in #107

Chores

• Add build job to test PRs by @sleeyax in #96
• Configure Renovate by @renovate in #92
• Update module github.com/bogdanfinn/fhttp to v0.5.36 by @renovate in #93
• Update dependency net.java.dev.jna:jna to v5.16.0 by @renovate in #98
• Update dependency gradle to v7.6.4 by @renovate in #97
• Update actions/checkout action to v4 by @renovate in #99
• Update actions/setup-go action to v5 by @renovate in #100
• Update dependency com.google.code.gson:gson to v2.12.1 by @renovate in #94
• Update gradle/gradle-build-action action to v3 by @renovate in #103
• Update actions/setup-java action to v4 by @renovate in #101
• Update dependency gradle to v8 by @renovate in #102

Full Changelog: v2.0.0...v2.1.0

v2.0.0

🎉 Major release

Yet another major release! It's been a while 👀 .

Changelog

PR: #89.

Breaking changes

• Migrated HTTP/TLS stack to bogdanfinn TLS client
  • Maintaining the whole HTTP/TLS layer completely by myself is no longer realistic. We already added some level of abstraction in V1, but integrating oohttp + utls still required quite a bit of manual work and the end result wasn't as feature complete as this library. Any necessary changes should be pushed upstream so the whole community can benefit.
  • Adds many more fingerprints (see below for the full list).
  • Already handles HTTP 2 SETTINGS frames, pseudo header order, priorities etc.
  • Battle tested (by me and many others).
• Migrated to Burp Montaya API
  • The old Burp Extender API is deprecated.
• Removed support for HTTP response header order
  • This is currently not possible with the underlying lib we now rely on. Upstream changes are required to add this back in.
  • Note: this is only a visual thing in Burp's proxy view; your actual fingerprint is unaffected by this change
• Removed http keep alive interval, idle connection timeout, TLS handshake timeout settings

Added

• Add list of supported fingerprints dynamically
  • Basically this means the list auto-updates whenever we bump the dependency version

Fixed

• Addresses several long-standing issues (see PR #89 for a list)

---

Click to show the full list of fingerprints included in this release

• Chrome 117
• Chrome 120
• Chrome 124
• Chrome 131
• Chrome 131 PSK
• Chrome 133
• Chrome 133 PSK
• Safari 15 6 1
• Safari 16 0
• Safari Ipad 15 6
• Safari Ios 15 5
• Safari Ios 15 6
• Safari Ios 16 0
• Safari Ios 17 0
• Safari Ios 18 0
• Firefox 102
• Firefox 104
• Firefox 105
• Firefox 106
• Firefox 108
• Firefox 110
• Firefox 117
• Firefox 120
• Firefox 123
• Firefox 132
• Firefox 133
• Opera 89
• Opera 90
• Opera 91
• Zalando Android Mobile
• Zalando Ios Mobile
• Nike Ios Mobile
• Nike Android Mobile
• Cloudscraper
• Mms Ios
• Mms Ios 1
• Mms Ios 2
• Mms Ios 3
• Mesh Ios
• Mesh Ios 1
• Mesh Ios 2
• Mesh Android
• Mesh Android 1
• Mesh Android 2
• Confirmed Ios
• Confirmed Android
• Okhttp4 Android 7
• Okhttp4 Android 8
• Okhttp4 Android 9
• Okhttp4 Android 10
• Okhttp4 Android 11
• Okhttp4 Android 12
• Okhttp4 Android 13

v1.2.2

Fixed

• Updated go dependencies (most importantly UTLS) to fix #69 by @sleeyax in #70

Full Changelog: v1.2.1...v1.2.2

v1.2.1

Added

• Added custom hex client hello field back (removed in v1.2.0) by @nabil-ak in #64

New Contributors

• @nabil-ak made their first contribution in #64

Full Changelog: v1.2.0...v1.2.1

v1.2.0

Changelog

Added

• Add automatic TLS fingerprint by @VovkoO in #51

Breaking: removed the custom client hello hex field in favor of this new feature.

---

Full Changelog: v1.1.2...v1.2.0

v1.1.2

Changelog

Added

• Support for Linux ARM and ARM64 (#34)

v1.1.1

Changelog

Added

• Support for M1 Macs by @infosec-au (#30)

v1.1.0

Changelog

Added

• Custom TLS fingerprint support by @VovkoO (#29)

v1.0.0

🚀 Major release time!

Hey folks, this is a major update I've been working on over the past few days to address a few outstanding issues and to rework some things.

Changelog

PR: #27.

Added

• New underlying TLS and HTTP implementations. Should be easier to maintain going forward.
• Response header order support (#19)
• Custom initial HTTP2 SETTINGS frame for Chrome fingerprints (#11)
• Ordered pseudo headers for HTTP 2
• More timeout settings added to UI
• More and updated fingerprints
  • Chrome 102
  • Chrome 100
  • Chrome 96
  • Firefox 105
  • Firefox 102
  • Firefox 99
  • Edge 106
  • Edge 85
  • Safari 16
  • QQBrowser 11
  • iOS 14
  • iOS 13
  • iOS 12
  • Android 11
  • Randomized
  • Randomized ALPN
  • Randomized No ALPN

Fixed

• Set InsecureSkipVerify to true (#22)
• Concurrent map writes error (#26)

Changed

• Updated docs (rewordings, new diagram, add showcase)

v0.0.4

Fix multi-value response headers being overwritten (closes #17)