curl-impersonate
challenge-bypass-extension
Our great sponsors
curl-impersonate | challenge-bypass-extension | |
---|---|---|
31 | 36 | |
3,319 | 1,241 | |
- | 0.7% | |
7.1 | 5.0 | |
about 2 months ago | about 1 month ago | |
Python | JavaScript | |
MIT License | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
curl-impersonate
-
Recent 'MFA Bombing' Attacks Targeting Apple Users
> us[e] Akamai to block scraping
Would https://github.com/lwthiker/curl-impersonate help? Haven’t tried with Akamai, but did help with another widely used CDN that shall remain unnamed (but has successfully infused me with burning hate for their products after a couple of years’ worth of using an always-on VPN to bypass Internet censorship and/or a slightly unusual browser).
- Curl-impersonate: Mimic real browsers' TLS handshake with curl
-
Get RSS feed for your Ko-Fi account
But before that, I had to create a development environment where I could do the coding. I used Docker and created a docker-compose.yml file on my local system to build a container. At first, I did that on an Arm based computer and the first problem appeared. Although RSS-Bridge was working fine, I couldn't get any data, and the reason was that Ko-Fi.com uses Cloudflare CDN. This is something that a lot of people had issues with in the past. RSS-Bridge solves that problem by using a special build of curl that can impersonate the four major browsers: Chrome, Edge, Safari & Firefox. But unfortunately, that library doesn't work well on Arm-based systems, so I had to move to my trusty Intel-based Linux computer.
-
curl-impersonate VS curl-impersonate-php - a user suggested alternative
2 projects | 2 Aug 2023
-
Found a way to bypass Cloudflare 403 forbidden in cURL, fetch
Curl-Impersonate: https://github.com/lwthiker/curl-impersonate A special build of curl that can impersonate Chrome & Firefox
- Weird API behavior: Only Postman and browser consistently work but making same request with requests library gets a Captcha instead.
-
Web fingerprinting is worse than I thought
I haven’t seen a custom build of Wget, but for Curl there is curl-impersonate[1].
[1] https://github.com/lwthiker/curl-impersonate
- Using selenium with proxy still hit bot detection
- Devirtualizing Nike.com's Bot Protection (Part 1)
-
Bypassing University Internet Restrictions for Legal Purposes (to access my homeservers/raspberry Pis/VPS)
If you're just trying to pull a file, the curl-impersonate could be a low-effort option.
challenge-bypass-extension
-
Flagship Mastodon instance to require AI disclosure; bans AI-only accounts
I'd be fine if "ID for the web" was implemented with privacypass https://privacypass.github.io/
-
Cloudflare verification not working
https://privacypass.github.io/ should help with Cloudflare verification. Works on Chrome and FireFox.
-
Blocked by Cloudflare
Cloudflare's Privacy Pass may help here: https://privacypass.github.io/
It should significantly reduce the amount of CAPTCHAs you see in a way that's not terrible for privacy.
For Safari, you can enable Private Access Tokens: https://blog.cloudflare.com/how-to-enable-private-access-tok...
Both of these mechanisms are similar to Google's web DRM proposal in that they rely on external issuers to generate tokens, but unlike Google's attempt they don't guarantee that ad blockers are disabled on pages that try to use tokens.
- Privacy Pass: A privacy-enhancing protocol and browser extension
-
Apple already shipped attestation on the web, and we barely noticed
The author is referring to this standard: https://privacypass.github.io/
Apple uses it for its iCloud Private Relay service. The blind token is used so that Cloudflare can verify that a given device pays for iCloud Private Relay without revealing their identity.
Attestation is when such a blind token is proving the integrity of the software running on the device, not proving arbitrary properties. Privacy Pass could actually enable a fast, semi-decentralized system of anonymizing proxies.
If Apple exposed the “is System Integrity Protection enabled” bit to the web, then that amounts to attestation to me, and yes: Apple can do it whenever it wants, and people want Apple to do it.
- A privacy-enhancing protocol and browser extension
-
Tell HN: Cloudflare verification is breaking the internet
Use Privacy Pass then if you don't want to use Chrome. https://privacypass.github.io/
-
How do you guys deal with all the captchas?
Most hCaptcha and many Cloudflare -> https://privacypass.github.io/
-
Cloudflare traps me in a captcha loop if I'm running any sort of fingerprint protection?.(Firefox)
That's weird, I haven't used it recently but will take a look. Looks like you're not the only one having issues though: https://github.com/privacypass/challenge-bypass-extension/issues/389
-
Is it possible to solve CAPTCHAs at the network level akin to the way Pi-hole filters ads at the network level?
This wouldn't be at the network level, but there is this amazing extension at the browser level: https://privacypass.github.io/
What are some alternatives?
curl_cffi - Python binding for curl-impersonate via cffi. A http client that can impersonate browser tls/ja3/http2 fingerprints.
friendly-challenge - The widget and docs for the proof of work challenge used in Friendly Captcha. Protect your websites and online services from spam and abuse with Friendly Captcha, a privacy-first anti-bot solution.
puppeteer - Node.js API for Chrome
buster - Captcha solver extension for humans, available for Chrome, Edge and Firefox
SendWhatsppTextByJavaScript - Here is small JS Script for sending a message in a loop.
adblock-rust - Brave's Rust-based adblock engine
static-curl - fully static builds of curl, runs anywhere
basic-attention-token-crowdsale - Basic Attention Token
browsercookie
mullvadvpn-app - The Mullvad VPN client app for desktop and mobile
instagram-private-api - NodeJS Instagram private API SDK. Written in TypeScript.
turtledove - TURTLEDOVE