[REQUEST] Defeat New Generation of Bot Detectors

[frankwalter1301]

Is your feature request related to a problem? Please describe. I'm always frustrated when there are crazy new bot detections tools that exploit stuff like tls fingerprint and cutting edge http protocols to detect bots. At the moment there aren't libraries to defeat them, and someone should modify openssl to do something about it.

Describe the solution you'd like

• [ ] Using an HPACK library to support http2
• [ ] Using bouncycastle to manage ssl sockets, a pure C# crypto library that will allow to easily manipulate the client hello
• [ ] Implement options to add dummy tls extensions, ciphers, and modify the order of them. (tls fingerprint tecniques not only check the ciphers order, but also the order of the extensions)

Describe alternatives you've considered At the moment there aren't alternatives.

Additional context It would be cool also to create a mitm https proxy that support all those stuff, because at the moment there aren't mitm proxies that can't be detected using tls fingerprint.

[frankwalter1301]

@openbullet I would like to assign this issue to myself.

[openbullet]

I was already planning to add support for HTTP/2 and bouncy castle as TLS provider. Currently I'm working on this https://discourse.openbullet.dev/t/support-for-legacy-loli-configs-in-ob2/4627 and I was waiting for .NET 6 to release. If you want you can send me an email and I will give you a way to chat with me so we can discuss this more in depth before coding anything, thanks!

[mclarkez]

I'd like to learn to code an OB config, but don't know where to start from. Any help?