loading…
Весь каталог
🎯 Cloudflare Turnstile → Success via
Camoufox
БесплатноA stealth browser MCP server with 69 tools for undetectable web automation. It bypasses bot detection systems like Cloudflare while providing full browser contr
автор: RobithYusuf
Описание
A stealth browser MCP server with 69 tools for undetectable web automation. It bypasses bot detection systems like Cloudflare while providing full browser control for tasks like form filling, data scraping, and session management.
README
The most feature-rich stealth browser MCP server. 80 tools for full browser control powered by Camoufox — a Firefox fork with C++ level anti-detection that bypasses Cloudflare, bot detection, and anti-automation.
One command. No Python. No manual setup. Everything auto-installs.
claude mcp add camoufox -- npx -y mcp-camoufox@latest
What Can It Do?
- Login to Google, ChatGPT, GitHub — without getting blocked
- Fill forms, click buttons, type text, upload files
- Manage cookies, localStorage, sessions across visits
- Take screenshots, export PDFs, capture network traffic
- Work with multiple tabs, iframes, dialogs
- Execute JavaScript, inspect elements, scroll pages
- Scrape structured data (job listings, products) with auto-detected selectors
- All while being undetectable by anti-bot systems
Comparison
| MCP Server | Tools | Stealth | npx Install | Persistent Session |
|---|---|---|---|---|
| Chrome DevTools MCP | 30+ | No | Built-in | Yes |
| whit3rabbit/camoufox-mcp | 1 | Yes | Yes | No |
| redf0x1/camofox-mcp | 45 | Yes | No (clone) | Yes |
| Sekinal/camoufox-mcp | 49 | Yes | No (clone) | Yes |
| Playwright CLI | 60+ | No | Yes | Yes |
| mcp-camoufox | 80 | Yes | Yes | Yes |
Proven on Real Sites
| Site | Challenge | Result |
|---|---|---|
2captcha.com/demo/cloudflare-turnstile |
Cloudflare Turnstile widget | ✅ "Success!" via click_turnstile() tool (proof) |
bot.sannysoft.com |
Firefox fingerprint tests | ✅ All green (proof) |
browserscan.net/bot-detection |
WebDriver/UA/CDP/Navigator | ✅ All categories "Normal" (proof) |
🎯 Cloudflare Turnstile → Success via click_turnstile()
click_turnstile() auto-detects the widget via 6 selector fallback (iframe[src*=challenges.cloudflare.com], [data-sitekey], .cf-turnstile, …), computes checkbox position (offset_x=30 from widget left), and clicks with a 3-step Bezier-like approach — combined with Camoufox's native humanize + disable_coop for cross-origin iframe click.
Scope: works on Interactive Turnstile (visible iframe widget). Managed Challenge interstitials ("Just a moment...") render the widget in shadow DOM — not supported here; use sister project mcp-stealth-chrome (Chrome+CDP) for those. Real-world bypass success also depends on IP reputation and browser fingerprint — code alone doesn't guarantee it.
🧪 bot.sannysoft.com → Firefox Fingerprint Pass
User Agent reports Firefox/135.0, WebDriver missing, WebDriver Advanced passed, Permissions prompt, Plugins length 5 passed, Languages en-US,en, WebGL Intel HD Graphics — all green. ("Chrome: missing" is expected — Camoufox spoofs Firefox, not Chrome.)
🔍 browserscan.net/bot-detection → All Categories Normal
WebDriver, User-Agent, CDP, Navigator — every detection category returns "Normal". Camoufox's C++-level Firefox patches leave zero automation signals.
Setup
Claude Code
Global (available in all projects):
claude mcp add camoufox --scope user -- npx -y mcp-camoufox@latest
Project only (current project):
claude mcp add camoufox -- npx -y mcp-camoufox@latest
Claude Desktop
Global — add to config file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json - Linux:
~/.config/Claude/claude_desktop_config.json
{
"mcpServers": {
"camoufox": {
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"]
}
}
}
Claude Desktop is always global — no project-level config.
Cursor
Global — Preferences > Features > MCP, or ~/.cursor/mcp.json:
Project — .cursor/mcp.json in project root:
{
"mcpServers": {
"camoufox": {
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"]
}
}
}
Windsurf
Global — ~/.windsurf/mcp.json:
Project — .windsurf/mcp.json in project root:
{
"servers": {
"camoufox": {
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"]
}
}
}
VS Code (Continue / Cline / Kilo Code)
Global — VS Code settings or ~/.continue/config.json:
Project — .vscode/mcp.json in project root:
{
"mcpServers": {
"camoufox": {
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"]
}
}
}
Factory (Droid)
Global — ~/.factory/mcp.json:
Project — .factory/mcp.json in project root:
{
"mcpServers": {
"camoufox": {
"type": "stdio",
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"],
"disabled": false
}
}
}
Or via CLI:
droid mcp add camoufox "npx -y mcp-camoufox@latest"
OpenCode
Global — ~/.config/opencode/opencode.json:
Project — opencode.json in project root:
{
"mcp": {
"camoufox": {
"type": "local",
"command": ["npx", "-y", "mcp-camoufox@latest"],
"enabled": true
}
}
}
Note: OpenCode uses
"type": "local"(not"stdio") andcommandas a single array.
Trae (ByteDance)
Global — ~/.trae/mcp.json:
Project — .trae/mcp.json in project root:
{
"mcpServers": [
{
"name": "camoufox",
"command": ["npx", "-y", "mcp-camoufox@latest"]
}
]
}
Note: Trae uses an array format for
mcpServers, not an object.
Antigravity (Google)
Global — ~/.gemini/antigravity/mcp_config.json:
{
"mcpServers": {
"camoufox": {
"command": "npx",
"args": ["-y", "mcp-camoufox@latest"]
}
}
}
Or via UI: Agent Panel > ... > MCP Servers > Manage MCP Servers > View raw config.
Antigravity is global only — no project-level MCP config.
Requirements
| Requirement | Version | Check |
|---|---|---|
| Node.js | 18+ | node --version |
That's all. Camoufox browser binary (~80MB) downloads automatically on first launch.
All 80 Tools
Browser Lifecycle (2)
| Tool | Description |
|---|---|
browser_launch |
Launch stealth browser. Options: url, headless, humanize, geoip, locale, width, height |
browser_close |
Close browser. Cookies preserved in profile. |
Navigation (4)
| Tool | Description |
|---|---|
navigate |
Go to URL. Options: wait_until (domcontentloaded/load/networkidle), timeout |
go_back |
Back in history |
go_forward |
Forward in history |
reload |
Reload page |
DOM & Content (6)
| Tool | Description |
|---|---|
browser_snapshot |
Get interactive elements with ref IDs. Call after every navigation. |
screenshot |
Capture viewport or full page. Options: name, full_page |
get_text |
Text from page or selector (max 5000 chars) |
get_html |
HTML from page or selector (max 10000 chars) |
get_url |
Current URL + title |
save_pdf |
Export page as PDF |
Element Interaction (9)
| Tool | Description |
|---|---|
click |
Click by ref ID. Auto JS-fallback for overlays. Options: button, dblclick |
click_text |
Click by visible text. Options: exact |
click_role |
Click by ARIA role + name |
hover |
Hover over element |
fill |
Fill input/textarea (clears first) |
select_option |
Select from dropdown |
check / uncheck |
Toggle checkbox/radio |
upload_file |
Upload file to input |
Keyboard (2)
| Tool | Description |
|---|---|
type_text |
Type char by char. Options: delay. For OTP, masked inputs, date pickers. |
press_key |
Key or combo: Enter, Escape, Tab, Control+a, Meta+c |
Mouse XY (4)
| Tool | Description |
|---|---|
mouse_click_xy |
Click at exact coordinates. Optional steps (0=instant, 15-30=human-like pre-movement) |
mouse_move |
Move cursor to coordinates. Optional steps for interpolated path |
click_turnstile |
Auto-find + humanized click on Cloudflare Turnstile widget. Params: offset_x (default 30), offset_y, wait_render_ms. Works on Interactive Turnstile (visible iframe widget). Not for Managed Challenge interstitials. |
drag_and_drop |
Drag between two elements |
Wait (4)
| Tool | Description |
|---|---|
wait_for |
Wait for selector or text (visible/hidden/attached/detached) |
wait_for_navigation |
Wait for page load |
wait_for_url |
Wait for URL pattern match |
wait_for_response |
Wait for network response pattern |
Tabs (4)
| Tool | Description |
|---|---|
tab_list |
List all tabs |
tab_new |
Open new tab |
tab_select |
Switch tab |
tab_close |
Close tab |
Cookies (3)
| Tool | Description |
|---|---|
cookie_list |
List cookies. Options: domain filter |
cookie_set |
Set cookie |
cookie_delete |
Delete by name/domain. Empty = clear all. |
Local Storage (3)
| Tool | Description |
|---|---|
localstorage_get |
Get all or specific key |
localstorage_set |
Set key-value |
localstorage_clear |
Clear all |
Session Storage (2)
| Tool | Description |
|---|---|
sessionstorage_get |
Get all or specific key |
sessionstorage_set |
Set key-value |
JavaScript (2)
| Tool | Description |
|---|---|
evaluate |
Run JS in page context |
inject_init_script |
Inject script that runs on every page load |
Element Inspection (4)
| Tool | Description |
|---|---|
inspect_element |
Full element info: tag, attributes, box, styles |
get_attribute |
Get specific attribute |
query_selector_all |
Query multiple elements by CSS selector |
get_links |
Get all links with URL + text. Options: filter |
Frames (2)
| Tool | Description |
|---|---|
list_frames |
List all frames/iframes |
frame_evaluate |
Run JS inside a frame |
Batch Operations (3)
| Tool | Description |
|---|---|
batch_actions |
Multiple actions in one call (click, fill, type, press, wait) |
fill_form |
Fill multiple fields + optional submit |
navigate_and_snapshot |
Navigate + snapshot in one call |
Viewport (2)
| Tool | Description |
|---|---|
get_viewport_size |
Get width x height |
set_viewport_size |
Set dimensions |
Scroll (1)
| Tool | Description |
|---|---|
scroll |
Scroll up/down/left/right by pixel amount |
Dialog (1)
| Tool | Description |
|---|---|
dialog_handle |
Pre-set accept/dismiss for next alert/confirm/prompt |
Accessibility (1)
| Tool | Description |
|---|---|
accessibility_snapshot |
Accessibility tree for LLM understanding |
Console & Network (4)
| Tool | Description |
|---|---|
console_start / console_get |
Capture and retrieve browser console messages |
network_start / network_get |
Capture and retrieve network requests |
Compound (reduce round-trips) (4)
| Tool | Description |
|---|---|
wait_and_snapshot |
Wait for selector/text + return snapshot in one call |
back_and_snapshot |
Navigate back + return snapshot |
reload_and_snapshot |
Reload page + return snapshot |
click_and_snapshot |
Click + wait + return snapshot. Perfect for buttons that trigger navigation. |
Smart Selectors (skip snapshot) (3)
| Tool | Description |
|---|---|
find_by_text |
Find element by visible text, returns ref. Skip browser_snapshot when you know exact text. |
find_by_label |
Find input by label text, returns ref. |
find_by_placeholder |
Find input by placeholder, returns ref. |
Session Portability (2)
| Tool | Description |
|---|---|
cookie_export |
Export all cookies as JSON (for transfer) |
cookie_import |
Import cookies from JSON (restore session) |
Scraping & Extraction (4)
| Tool | Description |
|---|---|
detect_content_pattern |
Auto-detect repeated content (cards, listings) and suggest CSS selectors. Run this before extract_structured. |
extract_structured |
Extract data from repeated elements as clean JSON. Auto-deduplicates, filters empties, direct_text_only prevents field mixing. |
extract_table |
Extract HTML table as JSON array with auto-detected headers |
scrape_page |
Smart scraper: auto-extract main content (strips nav/footer), links, meta, headings. Smart truncation at paragraph boundary. |
Debug (4)
| Tool | Description |
|---|---|
server_status |
Health check: browser status, tabs, URL |
get_page_errors |
JS errors from page |
export_har |
Export network traffic as HAR file |
page_stats |
Element count, page size, load metrics + extraction strategy recommendation |
Examples
Login to a website
browser_launch(url="https://accounts.google.com", headless=false)
browser_snapshot() # see email input
fill(ref="e1", value="[email protected]") # fill email
click(ref="e4") # click Next
wait_for(selector='input[type="password"]') # wait for password page
browser_snapshot()
fill(ref="e2", value="mypassword") # fill password
click(ref="e4") # click Next
Fill a form in one call
fill_form(
fields=[
{ref: "e3", value: "John Doe"},
{ref: "e5", value: "[email protected]"},
{ref: "e7", value: "Hello world"}
],
submit_ref="e10"
)
Batch multiple actions
batch_actions(actions=[
{type: "click", ref: "e5"},
{type: "wait", timeout: 1000},
{type: "fill", ref: "e8", value: "search query"},
{type: "press", key: "Enter"}
])
Search Google
browser_launch(url="https://google.com")
browser_snapshot()
click(ref="e5") # search box
type_text(text="mcp-camoufox npm")
press_key(key="Enter")
Multi-tab research
browser_launch(url="https://github.com")
tab_new(url="https://stackoverflow.com")
tab_list()
tab_select(index=0)
Wait for API response
click(ref="e10")
wait_for_response(url_pattern="/api/data")
browser_snapshot()
Inspect elements
inspect_element(ref="e5")
get_links(filter="github.com")
query_selector_all(selector=".product-card")
Work with iframes
list_frames()
frame_evaluate(frame_index=1, expression="document.title")
Scrape job listings (structured)
browser_launch(url="https://glints.com/id/opportunities/jobs/explore")
detect_content_pattern() # auto-suggest selectors
extract_structured(
container_selector=".job-card", # from detect_content_pattern
fields=[
{name: "title", selector: "h3"},
{name: "company", selector: ".company-name"},
{name: "location", selector: ".location"},
{name: "url", selector: "a", attribute: "href"}
]
)
Scrape page content (smart)
scrape_page(only_main_content=true, max_text_length=8000)
# Returns: title, url, meta, text (truncated at paragraph boundary),
# links, headings, truncated flag, total_text_length
Manage storage
localstorage_get()
localstorage_set(key="token", value="abc123")
cookie_list(domain="example.com")
How It Works
AI Agent (Claude, Cursor, Windsurf, VS Code)
|
| MCP Protocol (stdio JSON-RPC)
v
mcp-camoufox (Node.js)
|
| Playwright API (Juggler protocol, NOT CDP)
v
Camoufox (Patched Firefox binary)
|
| C++ anti-fingerprint patches
v
Website (Cloudflare, bot detection — bypassed)
Why stealth works
- Juggler protocol instead of CDP — sites detecting Chrome DevTools Protocol cannot detect Camoufox
- C++ level patches — fingerprint spoofing at browser engine level, not JavaScript injection
- GeoIP auto-detection — timezone, locale, geolocation match your real IP
- Human-like behavior — optional
humanizemode for realistic mouse movements
Why sessions persist
Browser profile stored at ~/.camoufox-mcp/profile/. Cookies, localStorage, IndexedDB survive across sessions. Login once, stay logged in.
Why refs work better
browser_snapshot tags elements with data-mcp-ref attributes. This is:
- More token-efficient than sending full HTML
- More reliable than CSS selectors that break when sites update
- Clickable via
click(ref="e5")— no selector gymnastics
Data Storage
| Path | Contents |
|---|---|
~/.camoufox-mcp/profile/ |
Browser profile (cookies, localStorage, cache) |
~/.camoufox-mcp/screenshots/ |
Screenshots, PDFs, HAR exports |
Reset everything: rm -rf ~/.camoufox-mcp/
Troubleshooting
| Problem | Fix |
|---|---|
| "Browser not running" | Call browser_launch first |
| Click blocked by overlay | Auto JS-fallback handles it. Or press_key("Escape") first. |
| Stale refs after navigation | Call browser_snapshot again — refs regenerate each time |
| Window too large | browser_launch(width=1024, height=768) |
| First launch slow | Downloading Camoufox binary (~80MB). Happens once. |
| Huge snapshot output | Normal for big pages. Use get_text or evaluate instead. |
| iframe not accessible | Use list_frames + frame_evaluate |
| CAPTCHA appears | Cannot auto-solve. Use headless=false and solve manually. |
License
MIT
Built by RobithYusuf
Как установить
Добавь это в claude_desktop_config.json и перезапусти Claude Desktop.
{
"mcpServers": {
"mcp-camoufox": {
"command": "npx",
"args": []
}
}
}Похожие MCP
Playwright
Browser automation, scraping, screenshots
автор: Microsoft
4.915,2 тыс.
Puppeteer
Browser automation and web scraping.
автор: modelcontextprotocol
0.00
opentabs-dev/opentabs
Plugin-based MCP server + Chrome extension that gives AI agents access to web applications through the user's authenticated browser session. 100+ plugins with a
автор: opentabs-dev
0.00
robhunter/agentdeals
1,500+ developer infrastructure deals, free tiers, and startup programs across 54 categories. Search deals, compare vendors, plan stacks, and track pricing chan
автор: robhunter
0.00