
HTTP2 Impersonate improvements - Chrome

Open Mzack9999 opened this issue 2 years ago • 0 comments

Please describe your feature request:

The TLS Impersonate functionality from fastdialer can be combined with specific HTTP2 frame settings to further reduce server-side fingerprinting. In particular, the HTTP2 settings should be changed as follows:

SETTINGS_HEADER_TABLE_SIZE = 65536 (2^16)
SETTINGS_ENABLE_PUSH = 1
SETTINGS_MAX_CONCURRENT_STREAMS = 1000
SETTINGS_INITIAL_WINDOW_SIZE = 6291456
SETTINGS_MAX_FRAME_SIZE = 16384 (2^14)
SETTINGS_MAX_HEADER_LIST_SIZE = 262144 (2^18)

The original net/http values, potentially used to detect a Go client, are the following:

SETTINGS_HEADER_TABLE_SIZE = 4096
SETTINGS_ENABLE_PUSH = 0
SETTINGS_MAX_CONCURRENT_STREAMS = unlimited
SETTINGS_INITIAL_WINDOW_SIZE = 4194304
SETTINGS_MAX_FRAME_SIZE = 16384
SETTINGS_MAX_HEADER_LIST_SIZE = 10485760

Ref: https://lwthiker.com/reversing/2022/02/20/impersonating-chrome-too.html

Mzack9999, Oct 20 '23 14:10
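The server-side check the issue refers to, as an added example (not code from retryablehttp-go or fastdialer): it decodes a client's HTTP/2 SETTINGS payload and compares the effective values with the two profiles listed above. The names `profile`, `parseSettings` and `classify` are hypothetical, omitted settings are assumed to take their RFC 7540 defaults, and "unlimited" is modelled as a setting the client does not send.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// profile holds effective values for setting IDs 1..6 (RFC 7540 section 6.5.2).
type profile [7]uint64
const unlimited = ^uint64(0) // sentinel: no limit advertised

var (
	rfcDefaults = profile{0, 4096, 1, unlimited, 65535, 16384, unlimited}
	chromeLike  = profile{0, 65536, 1, 1000, 6291456, 16384, 262144}        // values from the issue
	goNetHTTP   = profile{0, 4096, 0, unlimited, 4194304, 16384, 10485760} // values from the issue
)

// parseSettings overlays a SETTINGS payload (6-byte entries: 16-bit ID, 32-bit value) on the RFC defaults.
func parseSettings(payload []byte) (profile, error) {
	eff := rfcDefaults
	if len(payload)%6 != 0 {
		return eff, fmt.Errorf("payload length %d is not a multiple of 6", len(payload))
	}
	for i := 0; i < len(payload); i += 6 {
		id := binary.BigEndian.Uint16(payload[i:])
		if id >= 1 && id <= 6 { // unknown identifiers are ignored per the RFC
			eff[id] = uint64(binary.BigEndian.Uint32(payload[i+2:]))
		}
	}
	return eff, nil
}

// classify labels a client's SETTINGS payload against the two profiles.
func classify(payload []byte) string {
	eff, err := parseSettings(payload)
	switch {
	case err != nil:
		return "malformed"
	case eff == goNetHTTP:
		return "go-net/http"
	case eff == chromeLike:
		return "chrome-like"
	}
	return "unknown"
}

func main() {
	// Constructed sample: ENABLE_PUSH=0, INITIAL_WINDOW_SIZE=4194304, MAX_HEADER_LIST_SIZE=10485760.
	fmt.Println(classify([]byte{0, 2, 0, 0, 0, 0, 0, 4, 0, 0x40, 0, 0, 0, 6, 0, 0xa0, 0, 0}))
}
```

The comparison covers setting values only; it does not look at the order in which the client sends them.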