Cradicle Explorer
abzu
/ abzu-transport / profiles.toml
profiles.toml
  1  # TLS Fingerprint Profiles
  2  # Update these when browsers release new versions
  3  #
  4  # Format:
  5  # - cipher_suites, supported_groups, signature_algorithms, extension_order 
  6  #   accept hex strings (0x1301) or decimal (4865)
  7  # - extension_order MUST include 0x0033 (KEY_SHARE) for TLS 1.3
  8  
  9  [[profiles]]
 10  name = "Chrome 121"
 11  cipher_suites = [
 12      "0x1301",  # TLS_AES_128_GCM_SHA256
 13      "0x1302",  # TLS_AES_256_GCM_SHA384
 14      "0x1303",  # TLS_CHACHA20_POLY1305_SHA256
 15      "0xC02B",  # TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 16      "0xC02F",  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 17      "0xC02C",  # TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 18      "0xC030",  # TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 19      "0xCCA9",  # TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 20      "0xCCA8",  # TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 21  ]
 22  supported_groups = [
 23      "0x001D",  # X25519
 24      "0x0017",  # secp256r1
 25      "0x0018",  # secp384r1
 26  ]
 27  signature_algorithms = [
 28      "0x0403",  # ecdsa_secp256r1_sha256
 29      "0x0804",  # rsa_pss_rsae_sha256
 30      "0x0401",  # rsa_pkcs1_sha256
 31      "0x0503",  # ecdsa_secp384r1_sha384
 32      "0x0805",  # rsa_pss_rsae_sha384
 33      "0x0501",  # rsa_pkcs1_sha384
 34      "0x0806",  # rsa_pss_rsae_sha512
 35      "0x0601",  # rsa_pkcs1_sha512
 36  ]
 37  alpn_protocols = ["h2", "http/1.1"]
 38  extension_order = [
 39      "0x0000",  # server_name
 40      "0x0017",  # extended_master_secret
 41      "0xFF01",  # renegotiation_info
 42      "0x000A",  # supported_groups
 43      "0x000B",  # ec_point_formats
 44      "0x0023",  # session_ticket
 45      "0x0010",  # alpn
 46      "0x0012",  # signed_certificate_timestamp
 47      "0x000D",  # signature_algorithms
 48      "0x002B",  # supported_versions
 49      "0x002D",  # psk_key_exchange_modes
 50      "0x0033",  # key_share
 51  ]
 52  
 53  [[profiles]]
 54  name = "Firefox 122"
 55  cipher_suites = [
 56      "0x1301",  # TLS_AES_128_GCM_SHA256
 57      "0x1303",  # TLS_CHACHA20_POLY1305_SHA256
 58      "0x1302",  # TLS_AES_256_GCM_SHA384
 59      "0xC02B",  # TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 60      "0xC02F",  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 61      "0xCCA9",  # TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 62      "0xCCA8",  # TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 63      "0xC02C",  # TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 64      "0xC030",  # TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 65  ]
 66  supported_groups = [
 67      "0x001D",  # X25519
 68      "0x0017",  # secp256r1
 69      "0x0018",  # secp384r1
 70      "0x0019",  # secp521r1
 71  ]
 72  signature_algorithms = [
 73      "0x0403",  # ecdsa_secp256r1_sha256
 74      "0x0503",  # ecdsa_secp384r1_sha384
 75      "0x0603",  # ecdsa_secp521r1_sha512
 76      "0x0804",  # rsa_pss_rsae_sha256
 77      "0x0805",  # rsa_pss_rsae_sha384
 78      "0x0806",  # rsa_pss_rsae_sha512
 79      "0x0401",  # rsa_pkcs1_sha256
 80      "0x0501",  # rsa_pkcs1_sha384
 81      "0x0601",  # rsa_pkcs1_sha512
 82  ]
 83  alpn_protocols = ["h2", "http/1.1"]
 84  extension_order = [
 85      "0x0000",  # server_name
 86      "0x0017",  # extended_master_secret
 87      "0xFF01",  # renegotiation_info
 88      "0x000A",  # supported_groups
 89      "0x000B",  # ec_point_formats
 90      "0x0023",  # session_ticket
 91      "0x0010",  # alpn
 92      "0x000D",  # signature_algorithms
 93      "0x002B",  # supported_versions
 94      "0x002D",  # psk_key_exchange_modes
 95      "0x0033",  # key_share
 96  ]
 97  
 98  # Optional: Custom SNI pool for your deployment
 99  # Uncomment and customize if you want to override the default SNI pool
100  #
101  # [sni_pool]
102  # domains = [
103  #     "cdn.yourcompany.com",
104  #     "api.yourcompany.com",
105  #     "static.yourcompany.com",
106  # ]