With your modifications to canvas and screen properties, have you tested whether rapid changes trigger suspicion or if there’s a need to introduce more stable randomization intervals to avoid being flagged?
Congrats on such an accomplishment, but, just curious, what’s the point of making your own antidetect browser? Wouldn’t it be so much easier AND quicker to just use one from a provider? What’s the real benefit in doing this?
@Thiago I honestly didn’t test out an aggressive randomization approach, I don’t think it’s a good idea, you don’t want your screen properties to be jumping all over the place every time the page reloads or whenever you launch the browser (feels like a dead giveaway).
Just a little variation makes it harder to fingerprint you without breaking everything. I also added canvas spoofing to prevent any fingerprinting from the canvas element, making sure the canvas returns a fake fingerprint every time.
Thank you, and that’s a valid question. I initially started this out of sheer curiosity, could it be done? Is it viable? Will it be just as good as “commercial tools”?
And yes, it would take significantly less time to just use a typical antidetect browser and be done with it. But, there’s also something really cool about realizing this can genuinely just be made from scratch, and that it will theoretically function just as good as ones you can just pay for, perhaps even better since I’d be in control of the whole thing. Mine is in no way ready to go head-to-head with these tools just yet, but I am excited to see it get there.
Hey. You wont be able to do it this way. Webrtc, canvas, webgl, audio and a lot more parameters need to be spoofed. I HAVE DEVELOPED AN ANTI DETECT BROWSER. PLANNING TO LAUNCH A COURSE ON THAT. THOUGHT MAYBE PEOPLE ARE INTERESTED.
1 Like
Oh wow this is awesome to see and honestly will help me out a lot! I’m building my own anti detect browser myself and ran into similar problems. Those ■■■■ proxy auth popups. Mine actually launches chrome with flags and hooks puppeteer into it using the debugging port you can set on that. I Then hook in a custom extension that handles a lot of the fingerprint spoofing. It works but still gives a bunch of lies and fingerprinting contradictions.
After reading this thread I might be taking the long way round and a lot of the stuff I need solving can be done the same way you have.
Awesome thread.
@Ankit_Sethi would be cool if you just dropped the course. I’ve seen you post in a bunch of other places. There isn’t much open source in this area. Any information on the topic would be good.
The problems you are facing were already faced by me and I was completely exhausted. You cant use extensions for any spoof because that’s easily detectable. You can use seleniumbase if you want to authenticate your proxies using chromedriver.
There is not much information on this because these anti detection tools are running a big market. No doubt, the algorithms used to spoof the canvas and other elements are really complex. Right now, the latest version of dolphin anty is struggling with their canvas algo as its flagged by Canvas Fingerprint | BrowserScan and yet they have released the update. I don’t know if their testers are on some kind of good quality weed.
1 Like
hey i have been follwing this thread.. and i want to ask something.. did you manage to bypass navigator on browserscan.. like when you modify the Device Memory, Hardware Concurrency… they get leaked by it and i tried using adspower anti detect and they are by passing it.. so i wanted help to actual pass it also..
note im not making a anti detect browser but im just making a bot that i can use for my sie
I managed to bypass every scan. Plus I successfully altered every setting like webgl, webrtc address, user agent and others.
This is nice 
, can you mind sharing how you go about it… Cause it has giving me headache…
Like when I don’t modify my hardware the bots bypass all and it pass but I can’t be using the same [quote=“innocent_mutemwa, post:30, topic:349”]
Device Memory, Hardware Concurrency
[/quote]
On every bot I have created… So I wanted each bot to use different device memory and hardware concurrency
But when I do that. I’m being flagged as bot through navigator…
On browserscan.net..
So I need help please
Hey hey still waiting for anyone’s response on my question
Hey @innocent_mutemwa , Not the OP but I did do some research on the topic and here are my thoughts:
Changing just navigator.deviceMemory and navigator.hardwareConcurrency seems simple, but modern fingerprinting checks hundreds of signals together. When a couple of fields are tweaked in isolation, the whole profile starts to look “synthetic,” and sites like browserscan flag it.
Here’s the high-level why (and some safer pointers):
- It’s a bundle, not a slider. Device memory & CPU cores are validated against other traits: OS/CPU family, user agent/Client Hints, WebGL/GPU, screen size & color depth, media codecs, touch capabilities, battery/sensor APIs, timezone/locale, fonts, even network/TLS behavior. If those don’t “fit” each other, you get flagged.
- Per-bot randomization isn’t the goal; coherence is. Ten coherent profiles beat 1,000 “randomized” ones. Keep each bot’s profile internally consistent and stable across sessions.
- Avoid toggling low-level hardware fields alone. If you must vary device class, do it as part of a full profile (OS + browser version + GPU + screen + inputs), not just two numbers.
- Don’t chase edge values. Unrealistic combos (e.g., ultra-low memory + 4K screen + high-end GPU) trigger heuristics.
- Mind automation flags. WebDriver exposure, permissions prompts, canvas/audio behavior, and timing patterns (superhuman clicks, zero think time) can trip detection even if the “navigator” looks good.
Ethically/compliantly speaking, the most reliable approach is to:
- Use real devices or sanctioned environments for testing/automation.
- Prefer official APIs/partnerships when interacting with third-party platforms.
- Keep profiles consistent and respect site TOS.
If you want, share (at a high level) the platform/target use case and whether you’re using desktop or mobile. I can help you think through what a coherent profile should include (no evasion tricks, just making sure nothing looks self-contradictory).
with that being said… so with the code above.. for the owner of the post.. how can you bypass it?..