go-tls-web-bot-auth-replay

Forges a real-browser TLS ClientHello with uTLS (Go) — a pure wire-layer JA3/JA4 spoof, no browser engine.

botverdict
0.98score
2/185checks fired

Convicting tells 2

net.no_js_executionPage request with a TLS fingerprint but no browser layer (no JS ran — scripted client)
net.web_bot_auth_nonce_replayA valid Web Bot Auth (RFC 9421) signature reuses an in-window nonce — a captured-credential replay

← all evaders  ·  the detection matrix