camoufox
Engine-level anti-detect Firefox: it patches the Gecko C++ engine itself instead of injecting JavaScript, so the spoof leaves no JS-detectable seams. The hardest case in the fleet.
botverdict
1.00score
3/185checks fired
Pythonlanguage
Convicting tells 3
net.no_js_executionPage request with a TLS fingerprint but no browser layer (no JS ran — scripted client)net.tcp_os_vs_uaTCP/IP-stack OS kernel contradicts the OS the User-Agent claimsnet.tls_grease_vs_uaUA claims a GREASEing-engine browser (Chromium/Safari) but the TLS ClientHello has no GREASE