Skip to main content

Paprika - TLS/Header Spoofing Client & Proxy for Privacy and Scraping.

Project description

Paprika

version: 1.0.0

Paprika is a specialized, programmatic local Man-in-the-Middle (MITM) proxy engineered to prevent client-side profiling, tracking, and anti-bot fingerprinting. By synchronizing Layer 4 (TCP/TLS) handshakes, Layer 7 (HTTP/2) settings framing, and Client Runtime (JavaScript V8/Gecko/WebKit Engine) configurations, Paprika mitigates advanced device-fingerprinting vectors used by modern anti-bot systems (e.g., Akamai, Cloudflare, PerimeterX).

Unlike standard forward proxies that merely modify the User-Agent string, Paprika intercepts, reconstructs, and patches incoming traffic bi-directionally to ensure absolute cryptographic and semantic cohesion.


Deployment & Installation Architecture

Paprika is available in both GitHub and Codeberg and as a pip package.

System Prerequisites

Before initializing Paprika, your host environment must have OpenSSL installed and accessible via the system PATH. Paprika’s automated zero-dependency certificate manager shells out to the OpenSSL binary to generate the 2048-bit Root CA and self-signed certificates for local HTTPS MITM decryption.

  • Windows: winget install OpenSSL.OpenSSL (or via Git for Windows)
  • macOS: brew install openssl
  • Linux: sudo apt install openssl

Installation via pip

For production or standard daemonized usage, install the pre-compiled package directly via pip:

pip install paprika-proxy

Installation

Via GitHub:

git clone https://github.com/yourusername/paprika.git
cd paprika
pip install -r requirements.txt

Via Codeberg:

git clone https://codeberg.org/yourusername/paprika.git
cd paprika
pip install -r requirements.txt

(Dependencies primarily include curl_cffi for Layer-4 impersonation and proxy.py for the localized routing server).


Usage

Paprika operates under two distinct execution topologies: Fetch Mode (a single-shot, headless request execution) and Proxy Mode (a persistent, multi-threaded MITM interceptor).

If executed without arguments, Paprika drops into an interactive REPL (Read-Eval-Print Loop) shell (paprika-cli>) for session-persistent command execution.

1. Fetch Mode (Single-Shot Emulation)

Fetch mode is designed for CI/CD pipelines, quick endpoint validation, or localized scraping where spinning up a full proxy daemon is unnecessary. It routes a single request through the curl_cffi engine and prints the raw response.

Syntax:

paprika --mode fetch --url <TARGET_URL> [--method <METHOD>] [--browser <PROFILE>]

Example: Fetch a highly protected JSON endpoint while strictly impersonating Firefox 135 on Windows:

paprika --mode fetch -u "https://api.protected-site.com/v1/data" -m GET --browser firefox135

2. Proxy Mode (MITM Intercept Daemon)

Proxy mode binds a local listener that intercepts all outgoing browser or script traffic. It dynamically rewrites Layer 7 headers, injects the JS prototype hooks into HTML responses, and seamlessly handles TLS decryption/re-encryption.

Note: Upon boot, Paprika will automatically attempt to rewrite your host OS proxy settings (Windows Registry, macOS networksetup, or Linux gsettings) to route traffic through itself, restoring them upon a graceful exit.

Syntax:

paprika --mode proxy [--port <PORT>] [--browser <PROFILE>] [--ca-key-file <PATH> ...]

Example: Spin up the localized MITM proxy on port 8899, enforcing the Apple Silicon Safari 18.4 fingerprint constraint matrix:

paprika --mode proxy --port 8899 --browser safari184

Command Line Arguments

Argument Context Description Default
--mode Global Execution topology: fetch or proxy. fetch
-u, --url Fetch The fully qualified target URI. None
-m, --method Fetch The HTTP verb (e.g., GET, POST, OPTIONS). GET
--browser Global The configuration profile matrix to map against (chrome124, firefox135, safari184). chrome124
--port Proxy The local loopback port to bind the MITM listener to. 8899
--ca-key-file Proxy Explicit path to a custom Root CA Private Key. Auto-Generated
--ca-cert-file Proxy Explicit path to a custom Root CA Public Certificate. Auto-Generated

Author: nulsie License: GNU GPL v3

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

paprika_proxy-1.0.0.tar.gz (29.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

paprika_proxy-1.0.0-py2.py3-none-any.whl (29.2 kB view details)

Uploaded Python 2Python 3

File details

Details for the file paprika_proxy-1.0.0.tar.gz.

File metadata

  • Download URL: paprika_proxy-1.0.0.tar.gz
  • Upload date:
  • Size: 29.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: python-requests/2.34.1

File hashes

Hashes for paprika_proxy-1.0.0.tar.gz
Algorithm Hash digest
SHA256 4c5bc6dba3d796e03d65e89a42a9d7b3b815782e98b12e1ac8f626e9077f350d
MD5 e0308f2b350b4cd2658943148011a3f5
BLAKE2b-256 aa93eec823a42effeda92b2d95a70b38031018a78fb0e1a9d853a4e8b5fed6d4

See more details on using hashes here.

File details

Details for the file paprika_proxy-1.0.0-py2.py3-none-any.whl.

File metadata

File hashes

Hashes for paprika_proxy-1.0.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 5edb411bcbf6386f811c6cc6db6fa655f2c85d2a73162503394fa1809eadbaaf
MD5 e23e4f152d882807b9ce0e516f022da5
BLAKE2b-256 847263a9b047b78772ec867e2b09c1c93fadaa7acc3dbe905b81408d92fea6b9

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page