Identical privacy posture on any OS • Cross-platform compatibility • Fingerprint consistency validated across 31+ fingerprinting scenarios
BotBrowser is a privacy first browser core that keeps fingerprint signals uniform across every platform, preventing tracking systems from collecting and correlating fingerprints to identify users across devices. Run the same profile on Windows, macOS, or Linux and the fingerprint posture stays identical each time.
All engineering focuses on automation-assisted privacy research, cross-platform tracking-resistance validation, and maintaining consistent environments for authorized defensive benchmarking. Review the project Legal Disclaimer and Responsible Use Guidelines before using the software.
What makes BotBrowser different: Cross-platform privacy browser core with unified fingerprint technology that prevents fingerprint collection and device linkage.
| High-fidelity Profile Simulation keeps synthetic and aggregated fingerprints ready for policy-compliant privacy experiments | Latest Chromium Base stays synced to the newest stable Chrome so trackers cannot key on stale engines |
| Zero-Config Intelligence reads timezone, locale, and languages from IP to mirror the network story without extra scripting | Advanced Programmatic Control offers Playwright/Puppeteer integration with CDP leak blocking so privacy tooling leaves no automation residue |
| Network Stack Parity keeps browser-level proxies aligned so geo metadata does not leak real locations | Full-Proxy QUIC/STUN delivers Chromium-level UDP associate so QUIC and STUN stay proxied, giving privacy labs clean transport parity (ENT Tier3 feature, see Network Fingerprint Control) |
- Single profile, every host OS: identical UA, screen metrics, touch surfaces, fonts, and device APIs on Windows, macOS, Linux, and Android emulation so trackers see the same fingerprint everywhere.
- Built-in automation handles touch simulation, device metrics, and locale/timezone detection from the proxy IP while still allowing CLI overrides when privacy experiments require them.
- Quick demos:
▶️ CreepJS Android •▶️ Iphey •▶️ Pixelscan
Step 1: Download
- Latest release for your OS
- Demo profile (any
.encfile)
Step 2: Launch (
- Windows example:
chrome.exe --no-sandbox --bot-profile="C:\absolute\path\to\profile.enc" --user-data-dir="%TEMP%\botprofile_%RANDOM%"
- macOS/Linux commands follow the same pattern; see INSTALLATION.md for full instructions.
Step 3: Verify
- Visit CreepJS or your preferred fingerprint observatory to confirm identical privacy posture.
- Timezone/locale/language auto-derive from your proxy/IP; override via CLI only when needed.
📖 Complete Installation Guide →
const browser = await chromium.launch({
headless: true,
executablePath: BOTBROWSER_EXEC_PATH,
args: ['--no-sandbox', `--bot-profile=${BOT_PROFILE_PATH}`],
'--proxy-server="socks5://usr:pwd@127.0.0.1:8989"', // or: "http://usr:pwd@127.0.0.1:8989"
});
const page = await browser.newPage();
await page.addInitScript(() => { delete window.__playwright__binding__; delete window.__pwInitScripts; });
await page.goto('https://abrahamjuliot.github.io/creepjs/');Notes:
- Use
--user-data-dirwith a unique temporary folder to avoid conflicts with running Chromium instances - Prefer
--proxy-serveror per-context proxies (ENT Tier1); auto timezone/locale detection applies in both cases - Avoid framework-specific proxy/auth options (e.g.,
page.authenticate()), which disable BotBrowser's geo-detection and may leak location information socks5h://is supported when you need hostnames resolved by the proxy
Examples: Playwright • Puppeteer
More options:
- Framework‑less automation:
--bot-script+ CDP (privileged context, earlier hook, fewer artifacts) - Docker: docker/README.md
- Full flags: CLI_FLAGS.md
Professional-grade privacy technology built on multi-layer fingerprint consistency, network-stack control, and automation-hardening.
- Multi Layer Noise: Canvas, WebGL, WebGPU, text, and AudioContext surfaces share deterministic, cross-worker noise with low-level Skia and HarfBuzz tuning so observers cannot correlate runs
- Execution Environment Isolation: Clean execution contexts prevent framework artifacts from exposing automation details, framework-less
--bot-script, and console suppression PRO toggles maintain consistent fingerprints across automation modes - Configurable Stack: 30+ CLI overrides, ENT Tier1 per-context proxies with auto geo, and session tooling (cookies, bookmarks, title, history) make privacy scripting flexible
- Typography Fidelity: DOM text renders from embedded Windows, macOS, and Android font packs so host fonts never leak during cross-OS simulation
- Client Hints Lockstep: DPR, device-memory, and UA-CH headers match JavaScript-visible values to keep header data in sync with runtime fingerprints
- Headless ↔ GUI Parity: Identical GPU, WebGPU, and media signals across browser modes so privacy regression tests remain stable
- Performance Controls: Precision FPS and memory timings plus ENT Tier1 timing controls and ENT Tier2 noise seeds for reproducible privacy benchmarks
- Focus & Session Control: Always-active tabs, configurable ICE presets, and expanded media reporting keep privacy sessions believable
- Network Enhancements: ENT Tier1 per-context proxies, optional local DNS solver (ENT Tier1), UDP-over-SOCKS5 (ENT Tier3), and SOCKS5H DNS in tunnel behavior for clean geo signals
Fingerprint Consistency Implementation: Privacy Controls → Technical Design → Validation
This reference maps privacy protection goals to BotBrowser implementation details and validation evidence.
| Privacy Protection | Implementation | Reference |
|---|---|---|
| API standardization | navigator.webdriver standardized across all platforms so trackers cannot use API presence/absence as identification signal | ADVANCED_FEATURES#Chrome Behavior Emulation |
| Execution environment consistency | Isolated execution context prevents framework artifacts from exposing automation details | ADVANCED_FEATURES#Playwright/Puppeteer Integration |
| Graphics rendering parity | Deterministic noise across Canvas, WebGL, WebGPU, and audio ensures consistent fingerprints even in GPU-dependent scenarios | ADVANCED_FEATURES#Graphics & Rendering Engine |
| GPU fingerprint uniformity | Canvas and WebGPU rendering shares deterministic properties so GPU probes like WebBrowserTools return consistent results | CHANGELOG#2025-12-08 |
| Typography consistency | Embedded font engines for Windows, macOS, Linux, and Android ensure text rendering remains identical across platforms | ADVANCED_FEATURES#Cross-Platform Font Engine |
| Font availability uniformity | DOM queries return consistent font lists from embedded bundles so host system fonts cannot leak platform identity | ADVANCED_FEATURES#Cross-Platform Font Engine |
| Device capabilities | Profile-based device properties maintain consistent device claims across all platforms | Profile Configs |
| Network topology privacy | WebRTC signaling stays consistent through SDP and ICE controls preventing network topology leakage | ADVANCED_FEATURES#WebRTC Leak Protection |
| User agent coherence | Browser brand and version consistency prevents UA string from revealing platform differences | CLI_FLAGS#Profile Configuration Override Flags |
| Header to API parity | Client Hints headers DPR, device-memory, and UA-CH align with JavaScript reported values preventing header based identification | ADVANCED_FEATURES#Browser & OS Fingerprinting |
| Execution mode consistency | GPU, WebGPU, and media signals remain identical whether running headless or in GUI mode | ADVANCED_FEATURES#Headless & Incognito Compatibility |
| DNS privacy | DNS can stay in-tunnel via SOCKS5H, or use the local DNS solver (ENT Tier1) to improve privacy and speed while avoiding DNS poisoning and provider DNS limits | CLI_FLAGS#Enhanced Proxy Configuration |
| Public IP discovery | Customizable IP lookup backend for geo derivation via --bot-ip-service (supports comma-separated endpoints; BotBrowser races them and uses the fastest successful response) |
CLI_FLAGS#Enhanced Proxy Configuration |
| Protocol conformance | HTTP/2 and HTTP/3 behavior matches Chrome specifications preventing protocol based differentiation | ADVANCED_FEATURES#Chrome Behavior Emulation |
| TLS fingerprint consistency | JA3, JARM, and ALPN parameters optimized for uniform TLS negotiation across platforms | CHANGELOG |
Fingerprint Consistency Matrix: Cross‑Platform Coverage
| Category | Sample Capabilities |
|---|---|
| Graphics | Canvas/WebGL rendering, GPU micro-benchmarks, texture hash configuration |
| Network | WebRTC SDP configuration, proxy auth, connection management |
| Platform | Font fallback chains, cross-worker consistency, OS-specific features |
| Performance | FPS simulation, memory timing, animation frame optimization |
📖 Complete Advanced Features Documentation →
📢 BotBrowser combines synthetic and aggregated profiles with flexible configuration for authorized privacy research. Profile consistency and CLI settings enable comparative analysis without leaking host traits.
- Profile Foundation: Synthetic and aggregated profiles provide realistic fingerprint data for authorized privacy testing
- CLI Flexibility: Override profile settings at runtime without modifying encrypted files
- Cross-Platform Compatibility: A macOS profile works on Ubuntu; a Windows profile works on macOS; an Android profile can be fully emulated on any OS
- Auto-Configuration: Timezone, locale, and languages automatically detected from IP/proxy
- CLI Flags: See the ⚙️ CLI flags reference - Recommended for most users
⚠️ Note: This project must only be used in environments you own or where you have explicit authorization. Use against third-party services without permission is strictly prohibited and undermines the privacy mission.
Prefer a GUI launcher? See console/README.md for BotBrowserConsole usage, multi-instance management, and privacy profile selection.
Our fingerprint consistency research examines how standardized browser fingerprints prevent tracking systems from collecting fingerprint data to identify users across platforms. By maintaining identical fingerprints across operating systems, we demonstrate how privacy protection through consistency prevents the tracking methods that malicious observers rely on.
⚠️ Research validation uses authorized test environments. See DISCLAIMER.
- Windows Profile on macOS: Fingerprint consistency maintained so privacy protections remain effective across platforms
- Android Emulation on Desktop: Mobile API consistency enables fingerprint parity testing for cross-device privacy research
- Headless vs GUI Mode: Identical fingerprint behavior ensures privacy validation results remain consistent across execution contexts
📖 Complete Validation Results & Research Data → - 31+ fingerprint analysis scenarios, 15+ fingerprinting methodologies, statistical analysis
| Document | Description | Content Preview |
|---|---|---|
| Installation Guide | Platform-specific setup | Windows/macOS/Ubuntu guides, Docker deployment, troubleshooting |
| Advanced Features | Technical capabilities | 30+ CLI flags, privacy noise injection, GPU micro-benchmarks |
| Validation Results | Research data | 31+ fingerprint observatories, 50,000+ test sessions, statistical analysis |
| CLI Flags Reference | Command-line options | --bot-config-* flags, proxy auth, session management |
| Profile Configuration | Profile customization | Fingerprint control, cross-platform compatibility |
| BotCanvasLab | Canvas forensics tool | Canvas 2D recording with JSONL viewer (deterministic replay under development) |
| Examples | Code samples | Playwright, Puppeteer, bot-script automation |
Framework Integration:
- Playwright Examples - TypeScript/Python integration
- Puppeteer Examples - JavaScript automation
- Bot-Script Examples - Framework-less
chrome.debuggerAPI
Profile Management:
- Demo profiles available in profiles/ directory
- Premium privacy profiles: Contact botbrowser@bk.ru
| Technical questions, source code access | botbrowser@bk.ru | |
| 📱 Telegram | Community support, quick questions | @botbrowser_support |
For advanced users who want to build BotBrowser from source:
- Requirements: Linux build environment, Chromium build tools
- Source Access: Available to qualified researchers and institutions
Contact botbrowser@bk.ru for source code access and compilation instructions.
| Issue | Platform | Solution |
|---|---|---|
| STATUS_ACCESS_VIOLATION | Windows | Add --no-sandbox flag when launching |
| "Chromium" is damaged | macOS | Run xattr -rd com.apple.quarantine /Applications/Chromium.app |
| Missing dependencies | Ubuntu | Run sudo apt-get install -f |
| Profile file permission errors | All | Ensure .enc file has read permissions (chmod 644) |
| BotBrowser won't start or crashes | All | Check that your OS and Chromium version match the build; update BotBrowser to the latest release |
- Review the detailed Responsible Use Guidelines and Legal Disclaimer before requesting binaries or premium profiles.
- Maintain written authorization for every environment you test, and record the synthetic data sets you rely on.
- Contact the maintainers at botbrowser@bk.ru if you observe suspicious activity or need to report an abuse incident.
📋 Legal Disclaimer & Terms of Use • Responsible Use Guidelines. BotBrowser is for authorized fingerprint-consistency testing and research only.
