What Is CloakBrowser?

Paste into ChatGPT, Claude, or any LLM

On this page

CloakBrowser is a stealth Chromium build with 49 C++ binary patches. Where playwright-stealth injects JavaScript at runtime (detectable via Function.toString()), CloakBrowser modifies the Chromium binary itself before compilation. The patched APIs return [native code] when inspected because they are native code — there is nothing in the JS runtime to detect. Optimised specifically for Chromium-only sites and Akamai's 60-extension probe, with a reported reCAPTCHA v3 score of 0.9 (very high human-like).

Base browser	Chromium (vs Camoufox's Firefox)
Patches	49 C++ binary patches — Canvas, WebGL, AudioContext, Battery, CDP input
Distinct feature	Loads real extensions (uBlock, 1Password) to pass Akamai's 60-extension probe
reCAPTCHA v3 score	~0.9 (very high human-like)
Memory footprint	~200+ MB per browser instance

How CloakBrowser is different from playwright-stealth

The 2026 fact every stealth scraper has to internalise: anti-bots run Function.prototype.toString.call(fn) on every patched native function. If the result is anything other than [native code], the patch itself becomes the bot signal. This breaks playwright-stealth against Kasada, recent Akamai versions, and DataDome — every override leaves a JS source signature visible to toString.

CloakBrowser patches the same things (canvas hash, WebGL renderer, AudioContext, navigator quirks, Battery API, CDP input handling) at the C++ build level. The functions still return [native code] because they are native code. There is no JS injection, so toString() finds nothing.

The 60-extension probe and real extensions

Akamai's sensor.js fetches 60 known chrome-extension://[id]/manifest.json URLs. Real Chrome users have at least a few extensions installed (uBlock Origin, LastPass, Bitwarden, 1Password). A headless browser returns net::ERR_FAILED on all 60 simultaneously — a statistically impossible result for a real user.

CloakBrowser ships with profiles that have real extensions installed. Some probes return real manifest data; the response pattern matches a real Chrome user. This is the single Chromium-side feature that Camoufox does not address as natively (Firefox does not have the chrome-extension protocol at all).

When to choose CloakBrowser vs Camoufox

CloakBrowser: Chromium-only sites, Akamai targets with active sensor.js scoring (extension probes matter), sites that score browser market share (~65% of users are Chromium-family). Higher memory cost.

Camoufox: Cloudflare (reported 100% pass rate Mar 2026), sites where CDP detection is the gate (Camoufox uses Mozilla's Juggler protocol, not CDP). Lower memory cost.

Both: use real residential or ISP IPs, use geoip-style alignment, run with humanize=True equivalent, never run more than ~10 instances per machine.

Is the closed-source binary safe? (security analysis)

CloakBrowser's control library is open source, but the stealth value lives in a pre-built, closed-source Chromium binary you download and run with full local privileges. That is a real supply-chain concern: a patched browser binary could in principle read your .ssh keys, harvest environment secrets, or phone home, and you cannot audit the C++ source to rule it out.

An independent behavioural audit — github.com/pim97/cloakbrowser-analyze — ran nine runtime tests against the binary and reported no malicious behaviour observed: 2.9M extracted strings contained no suspicious URLs, hardcoded credentials, or exfiltration keywords; packet capture showed only the expected PyPI/GitHub traffic from the wrapper; the process never touched .ssh, .aws, or planted decoy secrets; and every spawned process was a standard Chromium component.

The same write-up is explicit about the limit of that evidence: passing behavioural tests is not the same as being provably safe. A closed binary can still hide time-delayed or conditionally-triggered behaviour that runtime observation will not catch. If your threat model cannot tolerate an unauditable binary — corporate machines, anything near credentials or production infrastructure — prefer a fully open-source stack like Camoufox or PatchRight, or sandbox CloakBrowser in a disposable container with no access to host secrets.

Code example

python

# CloakBrowser is configured similarly to Playwright but with C++ patches baked in.
# Note: real extension profiles are configured at install time, not at runtime.

from cloakbrowser import CloakBrowser

with CloakBrowser(
    profile="default_with_ublock_1password",   # real extensions for Akamai probe
    proxy={
        "server": "http://residential:port",
        "username": "user",
        "password": "pass",
    },
    headless=True,
    humanize=True,
) as browser:
    page = browser.new_page()
    page.goto("https://akamai-protected.com/")
    page.wait_for_load_state("networkidle")
    # _abck flips to ~0~ after sensor.js POST — accumulated trust visible
    listings = page.eval_on_selector_all(".listing", "els => els.map(el => el.innerText)")

Related terms

What Is Camoufox?

Camoufox is a stealth-focused fork of Firefox with anti-fingerprinting patches applied at the C++ build level. Unlike playwright-stealth, wh…

What Is Akamai Bot Manager?

Akamai Bot Manager is an enterprise bot-protection product used by roughly 30% of the Fortune 500 — airlines, banks, retailers, ticketing. I…

What Is a Headless Browser?

A headless browser is a real web browser — Chrome, Firefox, or WebKit — that runs without a visible graphical interface, controlled entirely…

What Is Browser Fingerprinting?

Browser fingerprinting is a technique that identifies and tracks a visitor by combining dozens of small, observable characteristics of their…

What Is Playwright?

Playwright is a cross-browser automation framework from Microsoft that drives Chromium, Firefox, and WebKit through a single API. Released i…

Anti-Detect Browser Tools Compared

Anti-detect browser tools defeat bot detection by spoofing the signals that distinguish automation from a real user — but they work at very …

Concept map

How CloakBrowser connects

The terms most directly tied to this one. Hover a node to see its neighbours, click to preview, drag to rearrange.

0 terms · 0 connections

You are here · Web Scraping APIs

Tools & solutions for this topic

Frequently asked questions

Why does CloakBrowser need 49 patches?

Each patch addresses a specific fingerprint surface — Canvas pixel noise injection, WebGL renderer string spoofing, AudioContext output randomisation, navigator quirks, Battery API, CDP input timing. Together they cover the modern Akamai sensor.js checklist. Patches are added as new detection vectors are documented.

Can I install my own extensions in CloakBrowser?

Yes — the build accepts standard Chrome extension packages. The default profiles ship with uBlock Origin and 1Password installed because those are the most common real-user extensions and they pass Akamai's probe well.

How is CloakBrowser distributed?

It ships as a pre-built Chromium binary plus a Python control library. You do not build it from source unless you want to add custom patches — the standard binary covers the majority of stealth use cases.

Will my fingerprint be unique enough?

CloakBrowser injects per-profile noise into canvas and audio output, so two CloakBrowser instances produce different fingerprints. Combined with different proxy IPs and lightly randomized navigator properties, you can run many sessions in parallel without them looking like the same client.

Is CloakBrowser safe to run? It's a closed-source binary.

The wrapper library is open source, but the stealth comes from a pre-built, closed-source Chromium binary that runs with full local privileges — a genuine supply-chain risk. An independent behavioural audit at github.com/pim97/cloakbrowser-analyze ran nine runtime tests (string analysis over 2.9M strings, network capture, file-system and process monitoring, planted decoy secrets) and found no malicious behaviour. That is reassuring but not proof: a closed binary can hide time-delayed or conditional triggers that runtime observation misses. Treat 'no malicious behaviour observed' as exactly that, not 'provably safe'.

How do I reduce the risk of running the binary?

Run it in a disposable container or VM with no access to host secrets — no mounted SSH/AWS credentials, no real environment variables, an outbound network allowlist, and a throwaway proxy account. That limits the blast radius if the binary ever does something unexpected. If you cannot accept running an unauditable binary at all, use a fully open-source alternative like Camoufox or PatchRight where you can read every line.

Is CloakBrowser open source like Camoufox?

Only partially. The control/wrapper layer is open source, but the patched Chromium binary itself is distributed pre-built and closed — you cannot inspect or rebuild the C++ patches from source. Camoufox, by contrast, is fully open source: the Firefox patch set is public and you can compile it yourself. If transparency is a hard requirement, that difference is the deciding factor.

Last updated: 2026-05-28