[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-71131":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":25,"hasPages":23,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":35,"lastSyncTime":36,"discoverSource":37},71131,"curl-impersonate","lwthiker\u002Fcurl-impersonate","lwthiker","curl-impersonate: A special build of curl that can impersonate Chrome & Firefox","",null,"Python",6043,454,64,73,0,8,14,47,24,38.97,"MIT License",false,"main",true,[27,28,29,30,31],"curl","https","security","ssl","tls","2026-06-12 02:02:48","# curl-impersonate ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") ![Edge](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fedge\u002Fedge_24x24.png \"Edge\") ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") ![Safari](https:\u002F\u002Fgithub.com\u002Falrra\u002Fbrowser-logos\u002Fblob\u002Fmain\u002Fsrc\u002Fsafari\u002Fsafari_24x24.png \"Safari\")\n[![Build and test](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Factions\u002Fworkflows\u002Fbuild-and-test-make.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Factions\u002Fworkflows\u002Fbuild-and-test-make.yml)\n[![Docker images](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Factions\u002Fworkflows\u002Fbuild-and-test-docker.yml\u002Fbadge.svg)](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Factions\u002Fworkflows\u002Fbuild-and-test-docker.yml)\n\nA special build of [curl](https:\u002F\u002Fgithub.com\u002Fcurl\u002Fcurl) that can impersonate the four major browsers: Chrome, Edge, Safari & Firefox. curl-impersonate is able to perform TLS and HTTP handshakes that are identical to that of a real browser.\n\ncurl-impersonate can be used either as a command line tool, similar to the regular curl, or as a library that can be integrated instead of the regular libcurl. See [Usage](#Basic-usage) below.\n\n## Why?\nWhen you use an HTTP client with a TLS website, it first performs a TLS handshake. The first message of that handshake is called Client Hello. The Client Hello message that most HTTP clients and libraries produce differs drastically from that of a real browser.\n\nIf the server uses HTTP\u002F2, then in addition to the TLS handshake there is also an HTTP\u002F2 handshake where various settings are exchanged. The settings that most HTTP clients and libraries use differ as well from those of any real browsers.\n\nFor these reasons, some web services use the TLS and HTTP handshakes to fingerprint which client is accessing them, and then present different content for different clients. These methods are known as [TLS fingerprinting](https:\u002F\u002Flwthiker.com\u002Fnetworks\u002F2022\u002F06\u002F17\u002Ftls-fingerprinting.html) and [HTTP\u002F2 fingerprinting](https:\u002F\u002Flwthiker.com\u002Fnetworks\u002F2022\u002F06\u002F17\u002Fhttp2-fingerprinting.html) respectively. Their widespread use has led to the web becoming less open, less private and much more restrictive towards specific web clients\n\nWith the modified curl in this repository, the TLS and HTTP handshakes look *exactly* like those of a real browser.\n\n## How?\n\nTo make this work, `curl` was patched significantly to resemble a browser. Specifically, The modifications that were needed to make this work:\n* Compiling curl with nss, the TLS library that Firefox uses, instead of OpenSSL. For the Chrome version, compiling with BoringSSL, Google's TLS library.\n* Modifying the way curl configures various TLS extensions and SSL options.\n* Adding support for new TLS extensions.\n* Changing the settings that curl uses for its HTTP\u002F2 connections.\n* Running curl with some non-default flags, for example `--ciphers`, `--curves` and some `-H` headers.\n\nThe resulting curl looks, from a network perspective, identical to a real browser.\n\nRead the full technical description in the blog posts: [part a](https:\u002F\u002Flwthiker.com\u002Freversing\u002F2022\u002F02\u002F17\u002Fcurl-impersonate-firefox.html), [part b](https:\u002F\u002Flwthiker.com\u002Freversing\u002F2022\u002F02\u002F20\u002Fimpersonating-chrome-too.html).\n\n## Supported browsers\nThe following browsers can be impersonated.\n| Browser | Version | Build | OS | Target name | Wrapper script |\n| --- | --- | --- | --- | --- | --- |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 99 | 99.0.4844.51 | Windows 10 | `chrome99` | [curl_chrome99](chrome\u002Fcurl_chrome99) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 100 | 100.0.4896.75 | Windows 10 | `chrome100` | [curl_chrome100](chrome\u002Fcurl_chrome100) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 101 | 101.0.4951.67 | Windows 10 | `chrome101` | [curl_chrome101](chrome\u002Fcurl_chrome101) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 104 | 104.0.5112.81 | Windows 10 | `chrome104` | [curl_chrome104](chrome\u002Fcurl_chrome104) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 107 | 107.0.5304.107 | Windows 10 | `chrome107` | [curl_chrome107](chrome\u002Fcurl_chrome107) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 110 | 110.0.5481.177 | Windows 10 | `chrome110` | [curl_chrome110](chrome\u002Fcurl_chrome110) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 116 | 116.0.5845.180 | Windows 10 | `chrome116` | [curl_chrome116](chrome\u002Fcurl_chrome116) |\n| ![Chrome](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fchrome\u002Fchrome_24x24.png \"Chrome\") | 99 | 99.0.4844.73 | Android 12 | `chrome99_android` | [curl_chrome99_android](chrome\u002Fcurl_chrome99_android) |\n| ![Edge](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fedge\u002Fedge_24x24.png \"Edge\") | 99 | 99.0.1150.30 | Windows 10 | `edge99` | [curl_edge99](chrome\u002Fcurl_edge99) |\n| ![Edge](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Fedge\u002Fedge_24x24.png \"Edge\") | 101 | 101.0.1210.47 | Windows 10 | `edge101` | [curl_edge101](chrome\u002Fcurl_edge101) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 91 ESR | 91.6.0esr | Windows 10 | `ff91esr` | [curl_ff91esr](firefox\u002Fcurl_ff91esr) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 95 | 95.0.2 | Windows 10 | `ff95` | [curl_ff95](firefox\u002Fcurl_ff95) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 98 | 98.0 | Windows 10 | `ff98` | [curl_ff98](firefox\u002Fcurl_ff98) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 100 | 100.0 | Windows 10 | `ff100` | [curl_ff100](firefox\u002Fcurl_ff100) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 102 | 102.0 | Windows 10 | `ff102` | [curl_ff102](firefox\u002Fcurl_ff102) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 109 | 109.0 | Windows 10 | `ff109` | [curl_ff109](firefox\u002Fcurl_ff109) |\n| ![Firefox](https:\u002F\u002Fraw.githubusercontent.com\u002Falrra\u002Fbrowser-logos\u002Fmain\u002Fsrc\u002Ffirefox\u002Ffirefox_24x24.png \"Firefox\") | 117 | 117.0.1 | Windows 10 | `ff117` | [curl_ff117](firefox\u002Fcurl_ff117) |\n| ![Safari](https:\u002F\u002Fgithub.com\u002Falrra\u002Fbrowser-logos\u002Fblob\u002Fmain\u002Fsrc\u002Fsafari\u002Fsafari_24x24.png \"Safari\") | 15.3 | 16612.4.9.1.8 | MacOS Big Sur | `safari15_3` | [curl_safari15_3](chrome\u002Fcurl_safari15_3) |\n| ![Safari](https:\u002F\u002Fgithub.com\u002Falrra\u002Fbrowser-logos\u002Fblob\u002Fmain\u002Fsrc\u002Fsafari\u002Fsafari_24x24.png \"Safari\") | 15.5 | 17613.2.7.1.8 | MacOS Monterey | `safari15_5` | [curl_safari15_5](chrome\u002Fcurl_safari15_5) |\n\nThis list is also available in the [browsers.json](browsers.json) file.\n\n## Basic usage\n\nFor each supported browser there is a wrapper script that launches `curl-impersonate` with all the needed headers and flags. For example:\n```\ncurl_chrome116 https:\u002F\u002Fwww.wikipedia.org\n```\nYou can add command line flags and they will be passed on to curl. However, some flags change curl's TLS signature which may cause it to be detected.\n\nPlease note that the wrapper scripts use a default set of HTTP headers. If you want to change these headers, you may want to modify the wrapper scripts to fit your own purpose.\n\nSee [Advanced usage](#Advanced-usage) for more options, including using `libcurl-impersonate` as a library.\n\n## Documentation\n\nMore documentation is available in the [docs\u002F](docs\u002FREADME.md) directory.\n\n## Installation\nThere are two versions of `curl-impersonate` for technical reasons. The **chrome** version is used to impersonate Chrome, Edge and Safari. The **firefox** version is used to impersonate Firefox.\n\n### Pre-compiled binaries\nPre-compiled binaries for Linux and macOS (Intel) are available at the [GitHub releases](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Freleases) page.\nBefore you use them you need to install nss (Firefox's TLS library) and CA certificates:\n* Ubuntu - `sudo apt install libnss3 nss-plugin-pem ca-certificates`\n* Red Hat\u002FFedora\u002FCentOS - `yum install nss nss-pem ca-certificates`\n* Archlinux - `pacman -S nss ca-certificates`\n* macOS - `brew install nss ca-certificates`\n\nAlso ensure you have zlib installed on your system.\nzlib is almost always present, but on some minimal systems it might be missing.\n\nThe pre-compiled binaries contain libcurl-impersonate and a statically compiled curl-impersonate for ease of use.\n\nThe pre-compiled Linux binaries are built for Ubuntu systems. On other distributions if you have errors with certificate verification you may have to tell curl where to find the CA certificates. For example:\n```\ncurl_chrome116 https:\u002F\u002Fwww.wikipedia.org --cacert \u002Fetc\u002Fssl\u002Fcerts\u002Fca-bundle.crt\n```\n\nAlso make sure to read [Notes on Dependencies](#notes-on-dependencies).\n\n### Building from source\nSee [INSTALL.md](INSTALL.md).\n\n### Docker images\nDocker images based on Alpine Linux and Debian with `curl-impersonate` compiled and ready to use are available on [Docker Hub](https:\u002F\u002Fhub.docker.com\u002Fr\u002Flwthiker\u002Fcurl-impersonate). The images contain the binary and all the wrapper scripts. Use like the following:\n```bash\n# Firefox version, Alpine Linux\ndocker pull lwthiker\u002Fcurl-impersonate:0.6-ff\ndocker run --rm lwthiker\u002Fcurl-impersonate:0.6-ff curl_ff109 https:\u002F\u002Fwww.wikipedia.org\n\n# Chrome version, Alpine Linux\ndocker pull lwthiker\u002Fcurl-impersonate:0.6-chrome\ndocker run --rm lwthiker\u002Fcurl-impersonate:0.6-chrome curl_chrome110 https:\u002F\u002Fwww.wikipedia.org\n```\n\n### Distro packages\nAUR packages are available to Archlinux users:\n* Pre-compiled package: [curl-impersonate-bin](https:\u002F\u002Faur.archlinux.org\u002Fpackages\u002Fcurl-impersonate-bin), [libcurl-impersonate-bin](https:\u002F\u002Faur.archlinux.org\u002Fpackages\u002Flibcurl-impersonate-bin).\n* Build from source code: [curl-impersonate-chrome](https:\u002F\u002Faur.archlinux.org\u002Fpackages\u002Fcurl-impersonate-chrome), [curl-impersonate-firefox](https:\u002F\u002Faur.archlinux.org\u002Fpackages\u002Fcurl-impersonate-firefox).\n\nUnofficial Homebrew receipts for Mac (Chrome only) are available [here](https:\u002F\u002Fgithub.com\u002Fshakacode\u002Fhomebrew-brew\u002Fblob\u002Fmain\u002FFormula\u002Fcurl-impersonate.rb):\n```\nbrew tap shakacode\u002Fbrew\nbrew install curl-impersonate\n```\n\n## Advanced usage\n### libcurl-impersonate\n`libcurl-impersonate.so` is libcurl compiled with the same changes as the command line `curl-impersonate`.\nIt has an additional API function:\n```c\nCURLcode curl_easy_impersonate(struct Curl_easy *data, const char *target,\n                               int default_headers);\n```\nYou can call it with the target names, e.g. `chrome116`, and it will internally set all the options and headers that are otherwise set by the wrapper scripts.\nIf `default_headers` is set to 0, the built-in list of  HTTP headers will not be set, and the user is expected to provide them instead using the regular [`CURLOPT_HTTPHEADER`](https:\u002F\u002Fcurl.se\u002Flibcurl\u002Fc\u002FCURLOPT_HTTPHEADER.html) libcurl option.\n\nCalling the above function sets the following libcurl options:\n* `CURLOPT_HTTP_VERSION`\n* `CURLOPT_SSLVERSION`, `CURLOPT_SSL_CIPHER_LIST`, `CURLOPT_SSL_EC_CURVES`, `CURLOPT_SSL_ENABLE_NPN`, `CURLOPT_SSL_ENABLE_ALPN`\n* `CURLOPT_HTTPBASEHEADER`, if `default_headers` is non-zero (this is a non-standard HTTP option created for this project).\n* `CURLOPT_HTTP2_PSEUDO_HEADERS_ORDER`, `CURLOPT_HTTP2_NO_SERVER_PUSH` (non-standard HTTP\u002F2 options created for this project).\n* `CURLOPT_SSL_ENABLE_ALPS`, `CURLOPT_SSL_SIG_HASH_ALGS`, `CURLOPT_SSL_CERT_COMPRESSION`, `CURLOPT_SSL_ENABLE_TICKET` (non-standard TLS options created for this project).\n* `CURLOPT_SSL_PERMUTE_EXTENSIONS` (non-standard TLS options created for this project).\nNote that if you call `curl_easy_setopt()` later with one of the above it will override the options set by `curl_easy_impersonate()`.\n\n### Using CURL_IMPERSONATE env var\nIf your application uses `libcurl` already, you can replace the existing library at runtime with `LD_PRELOAD` (Linux only). You can then set the `CURL_IMPERSONATE` env var. For example:\n```bash\nLD_PRELOAD=\u002Fpath\u002Fto\u002Flibcurl-impersonate.so CURL_IMPERSONATE=chrome116 my_app\n```\nThe `CURL_IMPERSONATE` env var has two effects:\n* `curl_easy_impersonate()` is called automatically for any new curl handle created by `curl_easy_init()`.\n* `curl_easy_impersonate()` is called automatically after any `curl_easy_reset()` call.\n\nThis means that all the options needed for impersonation will be automatically set for any curl handle.\n\nIf you need precise control over the HTTP headers, set `CURL_IMPERSONATE_HEADERS=no` to disable the built-in list of HTTP headers, then set them yourself with `curl_easy_setopt()`. For example:\n```bash\nLD_PRELOAD=\u002Fpath\u002Fto\u002Flibcurl-impersonate.so CURL_IMPERSONATE=chrome116 CURL_IMPERSONATE_HEADERS=no my_app\n```\n\nNote that the `LD_PRELOAD` method will NOT WORK for `curl` itself because the curl tool overrides the TLS settings. Use the wrapper scripts instead.\n\n### Notes on dependencies \n\nIf you intend to copy the self-compiled artifacts to another system, or use the [Pre-compiled binaries](#pre-compiled-binaries) provided by the project, make sure that all the additional dependencies are met on the target system as well. \nIn particular, see the [note about the Firefox version](INSTALL.md#a-note-about-the-firefox-version).\n\n## Contents\n\nThis repository contains two main folders:\n* [chrome](chrome) - Scripts and patches for building the Chrome version of `curl-impersonate`.\n* [firefox](firefox) - Scripts and patches for building the Firefox version of `curl-impersonate`.\n\nThe layout is similar for both. For example, the Firefox directory contains:\n* [Dockerfile](firefox\u002FDockerfile) - Used to build `curl-impersonate` with all dependencies.\n* [curl_ff91esr](firefox\u002Fcurl_ff91esr), [curl_ff95](firefox\u002Fcurl_ff95), [curl_ff98](firefox\u002Fcurl_ff98) - Wrapper scripts that launch `curl-impersonate` with the correct flags.\n* [curl-impersonate.patch](firefox\u002Fpatches\u002Fcurl-impersonate.patch) - The main patch that makes curl use the same TLS extensions as Firefox. Also makes curl compile statically with libnghttp2 and libnss.\n\nOther files of interest:\n* [tests\u002Fsignatures](tests\u002Fsignatures) - YAML database of known browser signatures that can be impersonated.\n\n## Contributing\nIf you'd like to help, please check out the [open issues](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl-impersonate\u002Fissues). You can open a pull request with your changes.\n\nThis repository contains the build process for `curl-impersonate`. The actual patches to `curl` are maintained in a [separate repository](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl) forked from the upstream curl. The changes are maintained in the [impersonate-firefox](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl\u002Ftree\u002Fimpersonate-firefox)  and [impersonate-chrome](https:\u002F\u002Fgithub.com\u002Flwthiker\u002Fcurl\u002Ftree\u002Fimpersonate-chrome) branches.\n\n## Sponsors\nSponsors help keep this project open and maintained. If you wish to become a sponsor, please contact me directly at: lwt at lwthiker dot com.\n\n\u003Ca href=\"https:\u002F\u002Fserpapi.com\u002F\">\n  \u003Cimg src=\"https:\u002F\u002Fi.imgur.com\u002FCBOSxrm.png\" alt=\"Logo\"  width=\"165px\" height=\"65px\">\n\u003C\u002Fa>\n","curl-impersonate是一个特别构建的curl版本，能够模仿Chrome、Edge、Safari和Firefox四大主流浏览器的行为。该项目通过深度修改curl源码，使用与目标浏览器相同的TLS库（如nss或BoringSSL），调整TLS扩展配置及HTTP\u002F2连接设置等手段，确保其发起的TLS和HTTP握手过程与真实浏览器完全一致。这使得curl-impersonate在面对依赖于TLS或HTTP指纹识别技术进行内容分发控制的网站时，可以绕过这些限制，获取到与使用实际浏览器访问相同的内容。适用于需要模拟特定浏览器行为以测试网络服务响应、进行网络安全研究或开发自动化脚本等场景。",2,"2026-06-11 03:36:03","high_star"]