AnonymProxy is a Rust-based asynchronous reverse proxy designed to evade static TLS fingerprinting systems (JA3/JA4) by dynamically mutating the TLS ClientHello handshake extensions in real time. It intercepts raw TCP streams, detects TLS handshakes, parses variable-length fields, shuffles TLS extensions using a Fisher-Yates algorithm with a Xorshift64 PRNG, and recalculates TLS header lengths at the bit level. This results in each outgoing connection having a unique TLS fingerprint, circumventing detection by anti-bot and firewall systems that rely on static TLS signatures. The tool is open source and intended for use cases requiring evasion of TLS-based fingerprinting without altering client application behavior.

The tool undermines the reliability of TLS fingerprinting methods (JA3/JA4) used by anti-bot and firewall services to identify and block automated or malicious traffic. This can reduce the effectiveness of such security controls on platforms like Cloudflare and Akamai, potentially allowing automated or scripted traffic to bypass detection. There are no direct vulnerabilities or exploits associated with this tool itself; rather, it represents an evasion technique that may complicate network defense strategies relying on TLS fingerprinting.

No official patches or vendor advisories apply as this is an evasion tool, not a vulnerability. Defenders relying on TLS fingerprinting should consider augmenting detection with additional behavioral or contextual analysis methods that do not solely depend on static TLS fingerprints. Monitoring for anomalous traffic patterns and employing multi-layered bot detection strategies may help mitigate the impact of such evasion techniques. No immediate remediation is available or required against the tool itself.