Ladder

Ladder is a web proxy server and HTTP response modifier designed to circumvent bot protections, CORS restrictions, and paywalls. It functions by intercepting traffic to modify HTML, CSS, and JavaScript via regular expressions and altering HTTP headers to reveal restricted content.

The project distinguishes itself through its ability to bypass anti-scraping mechanisms and specialized bot detection, such as Cloudflare, by integrating with external challenge-solving services. It also enables client identity emulation by spoofing user agents and network identifiers to masquerade as different browsers.

The system covers a broad range of traffic management capabilities, including rule-based request routing, URL rewriting, and the stripping of Content-Security-Policy headers. Access control is managed through basic authentication and domain whitelisting, while configuration syncing allows rule sets to be maintained across multiple instances.

The application is distributed as cross-compiled static binaries and provided as a containerized image with a Kubernetes chart for automated deployment.

Features

HTTP Request and Response Modifiers - Intercepts and alters HTTP request and response data in real time using regular expressions to modify page content.

Bypassing Access Restrictions - Circumvents paywalls and subscription requirements by modifying HTML and stripping CORS headers.

Web Content Paywall Bypasses - Removes CORS headers and modifies HTML to bypass web-based paywalls and content restrictions.

HTML Document Transformation - Uses regular expressions to transform HTML response bodies by replacing patterns with custom content.

Cloudflare Challenge Solvers - Integrates with external services like FlareSolverr to circumvent Cloudflare challenges and bot detection.

CORS Proxies - Provides a proxy server specifically designed to bypass browser-based cross-origin resource sharing restrictions.

Proxy Headers - Manipulates HTTP headers to strip CORS and Content-Security-Policy restrictions from target servers.

Bot Detection Bypass - Integrates with external solver services to simulate human behavior and overcome automated bot detection.

Identity Spoofing - Mimics legitimate browser traffic by spoofing User-Agent strings and network identifiers to bypass restrictions.

Protection Bypassers - Circumvents automated firewall and security challenges, including Cloudflare, using external solvers.

HTTP Header Manipulators - Provides utilities for adding, modifying, or removing HTTP request and response headers.

Response Body Transformations - Replaces HTML elements and injects JavaScript patterns into the response body using regular expressions.

Web Content Injections - Injects custom HTML, CSS, and JavaScript into web pages to alter their appearance and behavior.

Web Content Modification Engines - Acts as a runtime layer that intercepts and transforms web assets to inject custom functionality.

Client Identity Customization - Spoofs User-Agent strings and network identifiers to masquerade as different browsers or locations.

Domain-Based Routing - Applies specific proxy rules and content modifications based on the target domain or matched hostnames.

URL Routing Proxies - Intercepts web requests and rewrites URLs based on configurable rules to control content delivery.

Rule-Based - Applies domain and path-based routing rules to control URL rewriting and header overrides.

Traffic Routing Rules - Manages sets of rules to dictate how network traffic is routed through the proxy based on target domains.

Cloudflare Challenge Solvers - Uses external challenge-solving services to specifically circumvent Cloudflare's bot detection and security challenges.

URL Rewrite Rules - Modifies request URLs including domains, paths, and query parameters based on predefined matching patterns.

everywallladder

Features

Star history