30 anti-detection sites. 30 out of 30 passed. Including Cloudflare Turnstile, FingerprintJS, and BrowserScan — some of the toughest in the industry.
This isn't a config tweak or runtime JS injection to fake the navigator object. CloakBrowser applies 49 patches directly to Chromium's C++ source code — canvas, WebGL, audio, fonts, GPU, screen, WebRTC, network timing, even CDP input behavior.
The result is a Chromium binary with fully spoofed fingerprints. To anti-detection systems, it's just a normal browser — because it is a normal browser, with re-engineered fingerprints.
Installation
pip install cloakbrowser
# or
npm install cloakbrowser playwright-core
Swap one import line in your Playwright code:
- from playwright.sync_api import sync_playwright
+ from cloakbrowser import launch
That's it. The rest of your code stays unchanged. First run auto-downloads a ~200MB stealth Chromium binary. Docker image available for instant testing:
docker run --rm cloakhq/cloakbrowser cloaktest
Key Features
49 source-level C++ patches. This is what separates CloakBrowser from most "anti-detect browsers." Many solutions inject JS at runtime to override navigator.webdriver and similar properties. CloakBrowser modifies the binary itself — anti-detection systems see a browser that's "natively built this way."
humanize=True in one flag. Human-level mouse curves, keyboard timing, scroll patterns. Behavioral detection passes. reCAPTCHA v3 score: 0.9, server-verified.
Auto-updating binary. Background update checks, always on the latest stealth build. Critical for scraping — anti-detection systems constantly evolve their detection rules.
Browser Profile Manager. Built-in multi-profile management as a free alternative to Multilogin, GoLogin, AdsPower. Each profile has unique fingerprint, proxy, and persistent session, accessible via noVNC.
The Numbers
- 13,027 stars, +8,618 this week
- 1,007 forks
- PyPI + npm + Docker
- Free and open source, no subscriptions, no usage limits
Reality Check
This isn't a silver bullet. Anti-detection vs. anti-anti-detection is a perpetual arms race. 30/30 today doesn't guarantee 30/30 next week. The CloakHQ team keeps updating, but if you depend on this for production scraping, be ready to update constantly.
Legal considerations. Bypassing anti-detection systems may involve legal risk depending on your jurisdiction and use case. This isn't a CloakBrowser problem — it's a reality the entire scraping industry faces.
My Take
CloakBrowser is one of the most technically impressive projects on GitHub Trending recently. 49 C++ patches is serious work, and packaging it into pip install shows solid engineering.
If you need high-stealth browser automation, try it. But remember — stealth is a state, not a setting.
Main sources: