Identical privacy posture on any OS • Cross-platform compatibility • Fingerprint consistency validated across 31+ detection scenarios
BotBrowser is a privacy first browser core that keeps fingerprint signals uniform across every platform so hostile trackers cannot build per-machine dossiers. Run the same profile on Windows, macOS, or Linux and the fingerprint posture stays identical each time.
All engineering focuses on automation-assisted privacy research, cross-platform tracking-resistance validation, and maintaining consistent environments for authorized defensive benchmarking. Review the project Legal Disclaimer and Responsible Use Guidelines before using the software.
What makes BotBrowser different: Cross-platform privacy browser core with unified fingerprint technology that stops fingerprint drift everywhere.
| High-fidelity Profile Simulation keeps synthetic and aggregated fingerprints ready for policy-compliant privacy experiments | Latest Chromium Base stays synced to the newest stable Chrome so trackers cannot key on stale engines |
| Zero-Config Intelligence reads timezone, locale, and languages from IP to mirror the network story without extra scripting | Advanced Programmatic Control offers Playwright/Puppeteer integration with CDP leak blocking so privacy tooling leaves no automation residue |
| Network Stack Parity keeps browser-level proxies aligned so geo metadata does not leak real locations | Full-Proxy QUIC/STUN delivers Chromium-level UDP associate so QUIC and STUN stay proxied, giving privacy labs clean transport parity (ENT Tier3 feature, see Network Fingerprint Control) |
- Single profile, every host OS: identical UA, screen metrics, touch surfaces, fonts, and device APIs on Windows, macOS, Linux, and Android emulation so trackers see the same fingerprint everywhere.
- Built-in automation handles touch simulation, device metrics, and locale/timezone detection from the proxy IP while still allowing CLI overrides when privacy experiments require them.
- Quick demos:
▶️ CreepJS Android •▶️ Iphey •▶️ Pixelscan
Step 1: Download
- Latest release for your OS
- Demo profile (any
.encfile)
Step 2: Launch (
- Windows example:
chrome.exe --no-sandbox --bot-profile="C:\absolute\path\to\profile.enc" --user-data-dir="%TEMP%\botprofile_%RANDOM%"
- macOS/Linux commands follow the same pattern; see INSTALLATION.md for full instructions.
Step 3: Verify
- Visit CreepJS or your preferred fingerprint observatory to confirm identical privacy posture.
- Timezone/locale/language auto-derive from your proxy/IP; override via CLI only when needed.
📖 Complete Installation Guide →
const browser = await chromium.launch({
headless: true,
executablePath: BOTBROWSER_EXEC_PATH,
args: ['--no-sandbox', `--bot-profile=${BOT_PROFILE_PATH}`],
'--proxy-server="socks5://usr:pwd@127.0.0.1:8989"', // or: "http://usr:pwd@127.0.0.1:8989"
});
const page = await browser.newPage();
await page.addInitScript(() => { delete window.__playwright__binding__; delete window.__pwInitScripts; });
await page.goto('https://abrahamjuliot.github.io/creepjs/');Notes:
- Use
--user-data-dirwith a unique temporary folder to avoid conflicts with running Chromium instances - Prefer
--proxy-serveror per-context proxies (ENT Tier1); auto timezone/locale detection applies in both cases - Avoid framework-specific proxy/auth options (e.g.,
page.authenticate()), which disable BotBrowser's geo-detection and may leak location information socks5h://is supported when you need hostnames resolved by the proxy
Examples: Playwright • Puppeteer
More options:
- Framework‑less automation:
--bot-script+ CDP (privileged context, earlier hook, fewer artifacts) - Docker: docker/README.md
- Full flags: CLI_FLAGS.md
Professional-grade privacy technology built on multi-layer fingerprint consistency, network-stack control, and automation-hardening.
- Multi Layer Noise: Canvas, WebGL, WebGPU, text, and AudioContext surfaces share deterministic, cross-worker noise with low-level Skia and HarfBuzz tuning so observers cannot correlate runs
- Execution Environment Isolation: Clean execution contexts prevent framework artifacts from exposing automation details, framework-less
--bot-script, and console suppression PRO toggles maintain consistent fingerprints across automation modes - Configurable Stack: 30+ CLI overrides, ENT Tier1 per-context proxies with auto geo, and session tooling (cookies, bookmarks, title, history) make privacy scripting flexible
- Typography Fidelity: DOM text renders from embedded Windows, macOS, and Android font packs so host fonts never leak during cross-OS simulation
- Client Hints Lockstep: DPR, device-memory, and UA-CH headers match JavaScript-visible values to keep header data in sync with runtime fingerprints
- Headless ↔ GUI Parity: Identical GPU, WebGPU, and media signals across browser modes so privacy regression tests remain stable
- Performance Controls: Precision FPS and memory timings plus ENT Tier1 timing and seed controls for reproducible privacy benchmarks
- Focus & Session Control: Always-active tabs, configurable ICE presets, and expanded media reporting keep privacy sessions believable
- Network Enhancements: ENT Tier1 per-context proxies, UDP-over-SOCKS5 (ENT Tier3), and SOCKS5H DNS in tunnel behavior for clean geo signals
Fingerprint Consistency Implementation: Privacy Controls → Technical Design → Validation
This reference maps privacy protection goals to BotBrowser implementation details and validation evidence.
| Privacy Protection | Implementation | Reference |
|---|---|---|
| API standardization | navigator.webdriver standardized across all platforms so trackers cannot use API presence/absence as identification signal | ADVANCED_FEATURES#Chrome Behavior Emulation |
| Execution environment consistency | Isolated execution context prevents framework artifacts from exposing automation details | ADVANCED_FEATURES#Playwright/Puppeteer Integration |
| Graphics rendering parity | Deterministic noise across Canvas, WebGL, WebGPU, and audio ensures consistent fingerprints even in GPU-dependent scenarios | ADVANCED_FEATURES#Graphics & Rendering Engine |
| GPU fingerprint uniformity | Canvas and WebGPU rendering shares deterministic properties so GPU probes like WebBrowserTools return consistent results | CHANGELOG#2025-12-08 |
| Typography consistency | Embedded font engines for Windows, macOS, Linux, and Android ensure text rendering remains identical across platforms | ADVANCED_FEATURES#Cross-Platform Font Engine |
| Font availability uniformity | DOM queries return consistent font lists from embedded bundles so host system fonts cannot leak platform identity | ADVANCED_FEATURES#Cross-Platform Font Engine |
| Device capabilities | Profile-based device properties maintain consistent device claims across all platforms | Profile Configs |
| Network topology privacy | WebRTC signaling stays consistent through SDP and ICE controls preventing network topology leakage | ADVANCED_FEATURES#WebRTC Leak Protection |
| User agent coherence | Browser brand and version consistency prevents UA string from revealing platform differences | CLI_FLAGS#Profile Configuration Override Flags |
| User agent coherence | Browser brand and version consistency prevents UA string from revealing platform differences | CLI_FLAGS#Profile Configuration Override Flags |
| Header to API parity | Client Hints headers DPR, device-memory, and UA-CH align with JavaScript reported values preventing header based identification | ADVANCED_FEATURES#Browser & OS Fingerprinting |
| Execution mode consistency | GPU, WebGPU, and media signals remain identical whether running headless or in GUI mode | ADVANCED_FEATURES#Headless & Incognito Compatibility |
| DNS privacy | DNS queries route through proxy to prevent ISP level tracking | ADVANCED_FEATURES#Enhanced Proxy System |
| Protocol conformance | HTTP/2 and HTTP/3 behavior matches Chrome specifications preventing protocol based differentiation | ADVANCED_FEATURES#Chrome Behavior Emulation |
| TLS fingerprint consistency | JA3, JARM, and ALPN parameters optimized for uniform TLS negotiation across platforms | CHANGELOG |
Fingerprint Consistency Matrix: Cross‑Platform Coverage
| Category | Sample Capabilities |
|---|---|
| Graphics | Canvas/WebGL rendering, GPU micro-benchmarks, texture hash configuration |
| Network | WebRTC SDP configuration, proxy auth, connection management |
| Platform | Font fallback chains, cross-worker consistency, OS-specific features |
| Performance | FPS simulation, memory timing, animation frame optimization |
📖 Complete Advanced Features Documentation →
📢 BotBrowser combines synthetic and aggregated profiles with flexible configuration for authorized privacy research. Profile consistency and CLI settings enable comparative analysis without leaking host traits.
- Profile Foundation: Synthetic and aggregated profiles provide realistic fingerprint data for authorized privacy testing
- CLI Flexibility: Override profile settings at runtime without modifying encrypted files
- Cross-Platform Compatibility: A macOS profile works on Ubuntu; a Windows profile works on macOS; an Android profile can be fully emulated on any OS
- Auto-Configuration: Timezone, locale, and languages automatically detected from IP/proxy
- CLI Flags: See the ⚙️ CLI flags reference - Recommended for most users
⚠️ Note: This project must only be used in environments you own or where you have explicit authorization. Use against third-party services without permission is strictly prohibited and undermines the privacy mission.
Prefer a GUI launcher? See console/README.md for BotBrowserConsole usage, multi-instance management, and privacy profile selection.
Our fingerprint consistency research examines how standardized browser fingerprints protect users from cross-platform tracking and identification. By maintaining identical fingerprints across operating systems, we demonstrate how privacy protection through consistency prevents the tracking methods that malicious observers rely on.
⚠️ Research validation uses authorized test environments. See DISCLAIMER.
- Windows Profile on macOS: Fingerprint consistency maintained so privacy protections remain effective across platforms
- Android Emulation on Desktop: Mobile API consistency enables fingerprint parity testing for cross-device privacy research
- Headless vs GUI Mode: Identical fingerprint behavior ensures privacy validation results remain consistent across execution contexts
📖 Complete Validation Results & Research Data → - 31+ fingerprint analysis scenarios, 15+ fingerprinting methodologies, statistical analysis
| Document | Description | Content Preview |
|---|---|---|
| Installation Guide | Platform-specific setup | Windows/macOS/Ubuntu guides, Docker deployment, troubleshooting |
| Advanced Features | Technical capabilities | 30+ CLI flags, privacy noise injection, GPU micro-benchmarks |
| Validation Results | Research data | 31+ fingerprint observatories, 50,000+ test sessions, statistical analysis |
| CLI Flags Reference | Command-line options | --bot-config-* flags, proxy auth, session management |
| Profile Configuration | Profile customization | Fingerprint control, cross-platform compatibility |
| BotCanvasLab | Canvas forensics tool | Canvas 2D recording with JSONL viewer (deterministic replay under development) |
| Examples | Code samples | Playwright, Puppeteer, bot-script automation |
Framework Integration:
- Playwright Examples - TypeScript/Python integration
- Puppeteer Examples - JavaScript automation
- Bot-Script Examples - Framework-less
chrome.debuggerAPI
Profile Management:
- Demo profiles available in profiles/ directory
- Premium privacy profiles: Contact botbrowser@bk.ru
| Technical questions, source code access | botbrowser@bk.ru | |
| 📱 Telegram | Community support, quick questions | @botbrowser_support |
For advanced users who want to build BotBrowser from source:
- Requirements: Linux build environment, Chromium build tools
- Source Access: Available to qualified researchers and institutions
Contact botbrowser@bk.ru for source code access and compilation instructions.
| Issue | Platform | Solution |
|---|---|---|
| STATUS_ACCESS_VIOLATION | Windows | Add --no-sandbox flag when launching |
| "Chromium" is damaged | macOS | Run xattr -rd com.apple.quarantine /Applications/Chromium.app |
| Missing dependencies | Ubuntu | Run sudo apt-get install -f |
| Profile file permission errors | All | Ensure .enc file has read permissions (chmod 644) |
| BotBrowser won't start or crashes | All | Check that your OS and Chromium version match the build; update BotBrowser to the latest release |
- Review the detailed Responsible Use Guidelines and Legal Disclaimer before requesting binaries or premium profiles.
- Maintain written authorization for every environment you test, and record the synthetic data sets you rely on.
- Contact the maintainers at botbrowser@bk.ru if you observe suspicious activity or need to report an abuse incident.
📋 Legal Disclaimer & Terms of Use • Responsible Use Guidelines. BotBrowser is for authorized fingerprint-consistency testing and research only.
