Redazione RHC : 9 September 2025 07:40
Security researcher Matthew Bryant recently unveiled Thermoptic, an innovative tool that acts as an HTTP proxy.
This tool can disguise network requests to appear to be traffic from the Chrome browser, allowing it to bypass fingerprinting blockers. In fact, services like Cloudflare are increasingly adopting these methods to identify “non-human” clients, such as bots or highly specialized parsers.
Thermoptic allows you to use common command-line utilities, but passes their requests as real browser requests. It simultaneously synchronizes multiple layers of network “signatures,” from TLS and HTTP to X.509 certificates and TCP packets. As a result, the fingerprints the service sees from the outside match those generated by the real Chrome.
The tool works by interacting with a real Chrome or Chromium instance via the CDP debugging protocol. Thermoptic generates the necessary context, such as a link click or a fetch() call, executes the request in the browser, and returns the response to the client. This ensures all the low-level details typically used to distinguish bots match.
You can implement a proxy via Docker with a single command. By default, a container is created with traffic proxied via a local port, but the project author recommends changing the default login and password and, if necessary, installing a root certificate to avoid HTTPS verification errors.
The tool also supports connecting “hooks,” small scripts that allow it to automatically bypass JavaScript checks or set necessary cookies before executing a request.
According to the author, the main difference between Thermoptic and other approaches is that it does not mimic the browser’s behavior, but uses the browser itself to execute the request. This reduces the risk of desynchronization between network layers and makes the tool less vulnerable to changes in fingerprinting algorithms.
Bryant emphasizes that the creation of Thermoptic is linked to the growing interest in fingerprinting technologies such as JA4+, which are actively implemented in modern WAFs and anti-bot systems. At the same time, he emphasizes that the responsibility for using the tool lies entirely with users and that the project itself is intended as an experiment in the field of open tools for researchers and developers.
Redazione