MCPcopy
hub / github.com/CloakHQ/CloakBrowser

github.com/CloakHQ/CloakBrowser @chromium-v148.0.7778.215.3-pro sqlite

repository ↗ · DeepWiki ↗ · release chromium-v148.0.7778.215.3-pro ↗
1,536 symbols 5,631 edges 97 files 458 documented · 30%
README

CloakBrowser

PyPI npm License Last Commit

Stars PyPI Downloads npm Downloads Docker Pulls

Stealth Chromium that passes every bot detection test.

Not a patched config. Not a JS injection. A real Chromium binary with fingerprints modified at the C++ source level. Antibot systems score it as a normal browser — because it is a normal browser.

Cloudflare Turnstile — 3 Tests Passing

Cloudflare Turnstile — 3 live tests passing (headed mode, macOS)

Drop-in Playwright/Puppeteer replacement for Python and JavaScript.

Same API, same code — just swap the import. 3 lines of code, 30 seconds to unblock.

  • 58 source-level C++ patches — canvas, WebGL, audio, fonts, GPU, screen, WebRTC, network timing, automation signals, CDP input behavior
  • humanize=True — human-like mouse curves, keyboard timing, and scroll patterns. One flag, behavioral detection passes
  • 0.9 reCAPTCHA v3 score — human-level, server-verified
  • Passes Cloudflare Turnstile, FingerprintJS, BrowserScan — tested against 30+ detection sites
  • Auto-updating binary — background update checks, always on the latest stealth build
  • pip install cloakbrowser or npm install cloakbrowser — binary auto-downloads, zero config
  • Free and open source — no subscriptions, no usage limits

Try it now — no install needed:

docker run --rm cloakhq/cloakbrowser cloaktest

Python:

from cloakbrowser import launch

browser = launch()
page = browser.new_page()
page.goto("https://example.com")
browser.close()

JavaScript (Playwright):

import { launch } from 'cloakbrowser';

const browser = await launch();
const page = await browser.newPage();
await page.goto('https://example.com');
await browser.close();

Also works with Puppeteer: import { launch } from 'cloakbrowser/puppeteer' (details)

For sites with anti-bot protection, add a residential proxy and these flags:

browser = launch(
    proxy="http://user:pass@residential-proxy:port",  # residential IP, not datacenter
    geoip=True,       # match timezone + locale to proxy IP
    headless=False,    # some sites detect headless even with C++ patches
    humanize=True,     # human-like mouse, keyboard, scroll
)
const browser = await launch({
    proxy: 'http://user:pass@residential-proxy:port',
    geoip: true,
    headless: false,
    humanize: true,
});

See Troubleshooting for site-specific issues (FingerprintJS, Kasada, reCAPTCHA).

Install

Python:

pip install cloakbrowser

JavaScript / Node.js:

# With Playwright
npm install cloakbrowser playwright-core

# With Puppeteer
npm install cloakbrowser puppeteer-core

.NET / C#:

dotnet add package CloakBrowser

Community-maintained .NET client built on Microsoft.Playwright. See dotnet/README.md for the full API.


On first run, the stealth Chromium binary is automatically downloaded (~200MB, cached locally).

Optional: Auto-detect timezone/locale from proxy IP:

pip install cloakbrowser[geoip]

Migrating from Playwright? One-line change:

- from playwright.sync_api import sync_playwright
- pw = sync_playwright().start()
- browser = pw.chromium.launch()
+ from cloakbrowser import launch
+ browser = launch()

page = browser.new_page()
page.goto("https://example.com")
# ... rest of your code works unchanged

Star to show support — Watch releases to get notified when new builds drop.


Latest: v0.4.4 — Version pinning / rollback (Chromium 148.0.7778.215.3)

  • CloakBrowser Pro — the latest binary (Chromium 148.0.7778.215.3, 59 source-level patches) is available to Pro subscribers, now on all platforms including macOS (Apple Silicon + Intel); v146 stays free forever. Set a license_key (licenseKey in JS) or the CLOAKBROWSER_LICENSE_KEY env var and the wrapper fetches the latest build automatically. See CloakBrowser Pro
  • .NET 8 / C# client — CloakBrowser now ships as a NuGet package (CloakBrowser), mirroring the Python and JS wrappers.
  • 58 fingerprint patches — rendering consistency improvements across Linux and Windows, corrected GPU/display/graphics parameters to match stock Chrome 146 profiles
  • Windows native GPU passthrough — real hardware values pass through directly instead of being spoofed, matching real browser behavior
  • HTTP proxy inline credentials — new network-layer support for proxies with inline authentication
  • extension_paths — load Chrome extensions in all launch functions
  • Humanize actionability — auto-wait for visible, enabled, stable elements before humanized actions
  • Per-call human_config — override humanize settings on individual method calls
  • Composable JS helpersbuildLaunchOptions() and humanizeBrowser() for custom Playwright integrations
  • Native SOCKS5 proxyproxy="socks5://user:pass@host:port" works directly in all launch functions, Python + JS. QUIC/HTTP3 tunnels through SOCKS5 via UDP ASSOCIATE
  • Proxy signal removal — DNS/connect/SSL timing zeroed, proxy cache headers stripped, Proxy-Connection header leak removed
  • Chromium 146 upgrade — rebased all patches from 145.0.7632.x to 146.0.7680.177
  • WebRTC IP spoofing--fingerprint-webrtc-ip=auto resolves your proxy's exit IP and spoofs WebRTC ICE candidates. Auto-injected when using geoip=True (no extra network call)
  • humanize=True — one flag makes all mouse, keyboard, and scroll interactions behave like a real user. Bézier curves, per-character typing, realistic scroll patterns
  • Stealthy with zero flags — binary auto-generates a random fingerprint seed at startup. No configuration required
  • Timezone & locale from proxy IPlaunch(proxy="...", geoip=True) auto-detects timezone and locale
  • Persistent profileslaunch_persistent_context() keeps cookies and localStorage across sessions, bypasses incognito detection

See the full CHANGELOG.md for details.

Why CloakBrowser?

  • Config-level patches breakplaywright-stealth, undetected-chromedriver, and puppeteer-extra inject JavaScript or tweak flags. Every Chrome update breaks them. Antibot systems detect the patches themselves.
  • CloakBrowser patches Chromium source code — fingerprints are modified at the C++ level, compiled into the binary. Detection sites see a real browser because it is a real browser.
  • Source-level stealth — C++ patches handle fingerprints (GPU, screen, UA, hardware reporting) at the binary level. No JavaScript injection, no config-level hacks. Most stealth tools only patch at the surface.
  • Same behavior everywhere — works identically local, in Docker, and on VPS. No environment-specific patches or config needed.
  • Works with AI agents and automation frameworks — drop-in stealth for browser-use, Crawl4AI, Scrapling, Stagehand, LangChain, Selenium, and more. See integrations.

CloakBrowser doesn't solve CAPTCHAs — it prevents them from appearing. No CAPTCHA-solving services, no proxy rotation built in — bring your own proxies, use the Playwright API you already know.

CloakBrowser Pro

The wrapper (Python + JS) is MIT, free forever. The binary uses a delayed free-release model:

  • Free (v146) — the previous binary, on GitHub Releases. Goes stale within weeks as detection evolves.
  • Pro (latest, Chromium 148.0.7778.215.3) — the newest patches and Chromium upgrades first, so the results below stay green as anti-bot systems change. Linux, Windows, and macOS (Apple Silicon + Intel).

Anti-bot detection updates constantly, and an older binary degrades fast. Pro keeps you on the build that's actively maintained against it.

Use Pro if CloakBrowser is part of production scraping, QA, monitoring, or automation where stale browser fingerprints cost you time or blocked runs.

Activate with your license key (env var, license_key= param, or ~/.cloakbrowser/license.key):

export CLOAKBROWSER_LICENSE_KEY=cb_xxxxxxxx

Pro plans → cloakbrowser.dev

Test Results

All tests verified against live detection services. Last tested: Jun 2026 (Chromium 148).

Detection Service Stock Playwright CloakBrowser Notes
reCAPTCHA v3 0.1 (bot) 0.9 (human) Server-side verified
Cloudflare Turnstile (non-interactive) FAIL PASS Auto-resolve
Cloudflare Turnstile (managed) FAIL PASS Single click
ShieldSquare BLOCKED PASS Production site
FingerprintJS bot detection DETECTED PASS demo.fingerprint.com
BrowserScan bot detection DETECTED NORMAL (4/4) browserscan.net
bot.incolumitas.com 13 fails 1 fail WEBDRIVER spec only
deviceandbrowserinfo.com 6 true flags 0 true flags isBot: false
navigator.webdriver true false Source-level patch
navigator.plugins.length 0 5 Real plugin list
window.chrome undefined object Present like real Chrome
UA string HeadlessChrome Chrome/146.0.0.0 No headless leak
CDP detection Detected Not detected isAutomatedWithCDP: false
TLS fingerprint Mismatch Identical to Chrome ja3n/ja4/akamai match
Tested against 30+ detection sites

Proof

reCAPTCHA v3 — Score 0.9

reCAPTCHA v3 score 0.9 — server-side verified (human-level)

Cloudflare Turnstile — Success

Cloudflare Turnstile non-interactive challenge — auto-resolved

BrowserScan — Normal

BrowserScan bot detection — NORMAL (4/4 checks passed)

FingerprintJS — Passed

FingerprintJS web-scraping demo — data served, not blocked

deviceandbrowserinfo.com — You are human!

deviceandbrowserinfo.com behavioral bot detection — "You are human!" with humanize=True (24/24 signals passed)

Comparison

Feature Playwright playwright-stealth undetected-chromedriver Camoufox CloakBrowser
reCAPTCHA v3 score 0.1 0.3-0.5 0.3-0.7 0.7-0.9 0.9
Cloudflare Turnstile Fail Sometimes Sometimes Pass Pass
Patch level None JS injection Config patches C++ (Firefox) C++ (Chromium)
Survives Chrome updates N/A Breaks often Breaks often Yes Yes
Maintained Yes Stale Stale Unstable Active
Browser engine Chromium Chromium Chrome Firefox Chromium
Playwright API Native Native No (Selenium) No Native

How It Works

CloakBrowser is a thin wrapper (Python + JavaScript) around a custom-built Chromium binary:

  1. You installpip install cloakbrowser or npm install cloakbrowser
  2. First launch → binary auto-downloads for your platform (Chromium 146)
  3. Every launch → Playwright or Puppeteer starts with our binary + stealth args
  4. You write code → standard Playwright/Puppeteer API, nothing new to learn

The binary includes 58 source-level patches covering canvas, WebGL, audio, fonts, GPU, screen properties, WebRTC, network timing, hardware reporting, automation signal removal, and CDP input behavior mimicking.

These are compiled into the Chromium binary — not injected via JavaScript, not set via flags.

Binary downloads are verified against a pinned Ed25519 signature on the published checksums before extraction, so the download is confirmed authentic (genuinely ours) and not just intact. A compromised mirror cannot serve a tampered or downgraded binary.

API

launch()

```python from cloakbrowser import launch

Basic — headless, default stealth config

browser = launch()

Headed mode (see the browser window)

browser = launch(headless=False)

Pro — use the latest binary (or set CLOAKBROWSER_LICENSE_KEY env var)

browser

Extension points exported contracts — how you extend this code

GeoResult (Interface)
(no doc)
js/src/geoip.ts
TestResult (Interface)
(no doc)
js/examples/stealth-test.ts
LicenseInfo (Interface)
(no doc)
js/src/license.ts
CacheData (Interface)
(no doc)
js/src/license.ts
ParsedProxy (Interface)
(no doc)
js/src/proxy.ts
ProxyConfig (Interface)
(no doc)
js/src/proxy.ts

Core symbols most depended-on inside this repo

resolveConfig
called by 180
js/src/human/config.ts
sleep
called by 146
js/src/human/config.ts
evaluate
called by 126
js/src/human/index.ts
rand
called by 107
cloakbrowser/human/config.py
rand
called by 92
js/src/human/config.ts
_remaining_ms
called by 86
cloakbrowser/human/__init__.py
patchPage
called by 83
js/src/human/index.ts
rand_range
called by 66
cloakbrowser/human/config.py

Shape

Function 681
Method 604
Class 159
Route 75
Interface 17

Languages

Python79%
TypeScript21%

Modules by API surface

tests/test_update.py131 symbols
tests/test_humanize_unit.py123 symbols
cloakbrowser/human/__init__.py109 symbols
tests/test_proxy.py104 symbols
tests/test_cloakserve.py102 symbols
tests/test_stealth_unit.py90 symbols
tests/test_launch_context.py42 symbols
js/src/human/index.ts41 symbols
tests/test_fetch_widevine.py40 symbols
tests/test_persistent_context.py36 symbols
tests/test_license.py36 symbols
js/src/download.ts34 symbols

Dependencies from manifests, versioned

@types/node25.9.1 · 1×
mmdb-lib3.0.2 · 1×
playwright-core1.60 · 1×
puppeteer-core25.0.4 · 1×
socks-proxy-agent10.0.0 · 1×
tar7.0.0 · 1×
typescript6.0.3 · 1×
vitest1.0.0 · 1×
cryptography41.0 · 1×
httpx0.24 · 1×
playwright1.40 · 1×

For agents

$ claude mcp add CloakBrowser \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact