boratanrikulu/gecit — reverse-engineered prompt

Build me a simple command line app called gecit that helps get around some ISP blocking by desynchronizing Deep Packet Inspection on TLS connections and by using a built in DNS over HTTPS resolver. I want it to work on Linux, macOS, and Windows, with Linux using eBPF and macOS and Windows using a transparent TUN based approach so apps do not need to be configured one by one.

The main flow should be easy, just run something like gecit run with admin rights and have it automatically set local DNS, route traffic through the tool where needed, inject a fake TLS ClientHello with a low TTL before the real one, and restore everything cleanly when I stop it. Please include status and cleanup commands, options for choosing the DoH upstream, fake TTL, ports, interface, and verbose logs. It should be clear that this is not a VPN, does not hide IPs, and is for research and educational use. On Windows, account for Npcap and the usual admin setup. Look up current docs online if you need to.