Cloak Browser hides automation from bot detection systems

Who: Posted by Sharbel on the xcom platform, linking to the CloakHQ/CloakBrowser GitHub repository. The project is authored by CloakHQ, an independent team building browser-automation stealth tooling.

What's new: CloakBrowser is a modified version of the Chromium web browser — the open-source engine that also powers Google Chrome — rebuilt from its source code to look indistinguishable from a regular human-operated browser. Unlike earlier tools that bolt on disguises after the fact, CloakBrowser's changes are baked directly into the compiled binary at the C++ level. It is free, open source, and works as a drop-in replacement for Playwright and Puppeteer.

How it works: Most stealth browser tools work by injecting small snippets of JavaScript at runtime or adjusting configuration flags — patches that bot-detection services have learned to identify. CloakBrowser instead applies 57 patches directly to Chromium's source code before compiling, covering properties like canvas rendering, WebGL, audio, fonts, screen dimensions, and network timing. It also includes a humanize mode that replaces mechanical mouse movements and keystrokes with realistic curves and timing patterns, mimicking natural human behavior.

The numbers: CloakBrowser passes 30 out of 30 bot-detection tests across services including Cloudflare Turnstile, FingerprintJS, and reCAPTCHA v3. Stock Playwright scores 0.1 on the reCAPTCHA v3 scale; CloakBrowser scores 0.9, verified server-side as human-level.

Why it matters: This tool sits at the intersection of web scraping, AI agent infrastructure, and anti-bot security. As more AI-driven automation tools need to browse the real web without being blocked, a freely available stealth browser that genuinely defeats detection rather than temporarily evading it changes the baseline cost for both builders and defenders. The project lists compatibility with automation frameworks including browser-use, LangChain, and Selenium.