Anti-Fingerprinting HTTP client with easy TLS fingerprint spoofing
Project description
TLS-Chameleon
Anti-Fingerprinting HTTP client that spoofs real browser TLS fingerprints with a simple, requests-like API.
🚀 Features
- TLS Fingerprint Spoofing: Built-in profiles for Chrome, Firefox, Safari (uses
curl_cffifor realistic signatures). - Persistent Sessions: Proper cookie handling and connection pooling (just like
requests.Session). - Magnet Module 🧲: One-line data extraction (Emails, Tables, Forms, JSON-LD, Links).
- Smart Static ⚡: Automatically fetch page assets (CSS/JS/Images) to mimic real browser traffic.
- Auto-Form 📝: Find and submit forms automatically, handling hidden inputs and CSRF tokens.
- Humanize 🧠: Built-in delays to mimic human reading/typing speed.
- Resilience: Auto-rotation of proxies/profiles upon blocking (403/429/Cloudflare).
🆚 Why use this vs curl_cffi?
| Feature | Raw curl_cffi | TLS-Chameleon |
|---|---|---|
| TLS Spoofing | You must manually set impersonate="chrome110" |
Auto-Rotation: It likely has logic to rotate these so you don't get stuck on one. |
| Asset Loading | You just get the HTML. | mimic_assets=True: It parses the HTML and fetches CSS/JS/Images to look like a "real" browser visit (very important for some anti-bots). |
| Forms | You must manually parse CSRF tokens and hidden fields. | client.submit_form(): It finds the form, keeps the hidden tokens, and submits for you. |
| Data Extraction | You need to use BeautifulSoup manually. | Magnet Module: It has built-in extractors for emails, tables, and json_ld. |
📦 Install
You can install TLS-Chameleon directly from PyPI:
pip install tls-chameleon[curl]
Note: The
[curl]extra is required for TLS fingerprint spoofing.
⚡ Quick Start
1. Simple Requests (Drop-in)
from tls_chameleon import get
# One-line spoofing
r = get("https://httpbin.org/get", fingerprint="chrome_124")
print(r.json())
2. Persistent Session (Recommended)
Use Session (alias for TLSChameleon) to maintain cookies across requests:
from tls_chameleon import Session
with Session(fingerprint="chrome_120") as client:
# First request sets cookies
client.get("https://github.com/login")
# Second request sends them back!
r = client.get("https://github.com/settings")
3. Magnet Extraction 🧲
AI Extraction (New! ✨)
Use Gemini, Claude, or OpenAI (ChatGPT/Grok) to extract data intelligently without regex.
# Install AI support
pip install tls-chameleon[ai]
r = client.get("https://news.ycombinator.com")
# 1. Google Gemini (Default)
print(r.magnet.ask("Summary", provider="gemini"))
# 2. Anthropic Claude
print(r.magnet.ask("Summary", provider="anthropic", model="claude-3-opus-20240229"))
# 3. OpenAI / Grok
# (Set OPENAI_API_KEY or pass api_key=...)
print(r.magnet.ask("Summary", provider="openai", model="gpt-4o"))
Standard Extractors
Don't write regex. Let Magnet do it.
r = client.get("https://example.com/contact")
emails = r.magnet.emails() # ['support@example.com']
tables = r.magnet.tables() # [['Row1', 'Val1'], ...]
links = r.magnet.links()
forms = r.magnet.get_forms() # List of parsed forms
json_data = r.magnet.json_ld() # Schema.org data
4. Cookie Persistence 🍪
Save your session to a Netscape-formatted file (compatible with wget/curl) to use later.
# Save
client.save_cookies("cookies.txt")
# Load later
client.load_cookies("cookies.txt")
4. Smart Features
Mimic Real Browser Traffic (Fetches static assets in background):
client.get("https://example.com", mimic_assets=True)
Auto-Submit Forms (Handles hidden fields automatically):
# Finds <form>, fills 'user'/'pass', keeps hidden tokens, POSTs to action.
client.submit_form("https://site.com/login", {
"username": "myuser",
"password": "mypassword"
})
Humanize Delays:
client.human_delay(reading_speed="fast") # Sleeps randomly based on speed
🛠 API Reference
Session(fingerprint=..., site=..., ...)
fingerprint: "chrome_120", "firefox_120", "mobile_safari_17".site: "cloudflare" or "akamai" (presets for retries/headers).randomize_ciphers: True/False (shuffles cipher suite order).proxies:http://user:pass@host:port
Response Object
The response object wraps curl_cffi.Response or httpx.Response but adds:
.magnet: Access extraction tools..json_fuzzy(): Parse broken/JSONP responses.
🤝 Contributing
Issues and Pull Requests welcome!
🌟 Credits
Special thanks to curl_cffi for the amazing low-level TLS spoofing capabilities that power this library.
☕ Support / Donate
If you found this library useful, buy me a coffee!
📜 License
MIT
🚨 Is this library failing on a specific site?
Please open an issue with the URL! I need test cases to improve the fingerprinting logic.
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tls_chameleon-1.1.1.tar.gz.
File metadata
- Download URL: tls_chameleon-1.1.1.tar.gz
- Upload date:
- Size: 15.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
421d881488f7479e60b1497a7d2231c6c228231649134de5c8d8d387abf9695e
|
|
| MD5 |
a68518af77cef1be589628d1b65e6a78
|
|
| BLAKE2b-256 |
ade5d9d3e7e0bc793c923d9961f2d8b767148c16621c5dee06046926e16e44e5
|
File details
Details for the file tls_chameleon-1.1.1-py3-none-any.whl.
File metadata
- Download URL: tls_chameleon-1.1.1-py3-none-any.whl
- Upload date:
- Size: 13.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
1fa79d68979304deccee120406986e7a6f6b45b73688ffb201b8825ad13bc64e
|
|
| MD5 |
30087a42fa7bd87d9def076e0437b174
|
|
| BLAKE2b-256 |
c5157d21d61eda599a761bbc0e1bec48d019b2b5f53f21f0c3854aeef8373902
|
