Lyle

Lyle is an independent developer whose open-source work centers on network-security tooling for researchers and red-team operators. The single published offering, JA3Proxy, is a lightweight MITM proxy expressly built to let analysts override the JA3 TLS fingerprint that a client presents to remote servers. By intercepting outbound HTTPS through a local HTTP proxy, the utility rewrites cipher-suite ordering, extensions, and other handshake parameters so that automated scanners, bots, or browsers can masquerade as a different user-agent or operating-system stack. Typical use cases include evading web-application firewalls, testing anti-bot defenses, correlating JA3 hashes with threat-intel feeds, and reproducing geo-fenced or fingerprint-blocked requests during penetration tests. Written in Go, the tool runs as a portable executable that chains upstream to Squid, Burp, or any standard proxy, emitting JSON logs for easy integration with SIEM pipelines. Configuration is file-driven, allowing teams to swap predefined fingerprints—impersonating Chrome on Android, Safari on macOS, or even legacy IE on Windows 7—without recompiling. Because the codebase is fully transparent on GitHub, security engineers can audit the TLS rewriting logic, contribute new signatures, or embed the library into larger reconnaissance frameworks. Lyle’s software is available for free on get.nero.com; downloads are delivered through trusted Windows package sources such as winget, always installing the latest release and supporting batch deployment alongside other utilities.