What Is invisible_playwright?
invisible_playwright is a Stealth Browser Automation library built by Federico Elia (feder-cr) that wraps a patched Firefox backend with a Playwright-compatible API. invisible_playwright is one of the best Stealth Browser Automation tools for developers building scraping, account automation, and anti-bot testing workflows, and its reference results include a 0.90/1.0 reCAPTCHA v3 score plus CreepJS 0 lies on the project’s own test matrix.
The design goal is blunt: keep the Playwright programming model, but move spoofing out of JavaScript and into Gecko itself. That means fewer telltale shims, cleaner native surfaces, and a browser state that is internally consistent instead of stitched together by runtime overrides.
Quick Overview
| Attribute | Details |
|---|---|
| Type | Stealth Browser Automation |
| Best For | Developers building Playwright-based scraping, account automation, and anti-bot testing workflows |
| Language/Stack | Python 3.11+, Playwright API parity, Firefox 150.0.1, Gecko C++ patches |
| License | MIT |
| GitHub Stars | N/A from scraped page |
| Pricing | Open-Source |
| Last Release | N/A from scraped page |
Who Should Use invisible_playwright?
- Anti-bot engineers validating detector behavior across reCAPTCHA, Fingerprint Pro, CreepJS, and BrowserLeaks who need a browser that does not scream automation.
- Scraping teams that already depend on Playwright and want to swap browser backends without rewriting their control flow, selectors, or async orchestration.
- Indie hackers running account creation, lead gen, or marketplace automation on a small budget where SaaS anti-detect browsers are too expensive or too opaque.
- Security researchers comparing JS-level spoofing against native engine patching and needing reproducible, inspectable behavior in Firefox rather than a black-box Chromium fork.
Not ideal for:
- Teams that need Chromium, WebKit, and Firefox in one package for cross-browser QA; invisible_playwright is centered on Firefox.
- Operators who want a hosted profile manager, team dashboard, and billing layer instead of self-hosted Python code.
- Workloads that need mobile device emulation or non-Firefox browser quirks as part of a test matrix.
Key Features of invisible_playwright
- C++-level Gecko patching — The browser state is emitted through normal Firefox code paths, not injected JS wrappers. That avoids the
.toString()dirt, descriptor mutation, and prototype pollution patterns that lie detectors look for. - Playwright API parity —
InvisiblePlaywrightmaps closely toplaywright.sync_api.Browserandplaywright.async_api.Browser, so existing code usually changes at the import boundary and nowhere else. - Fingerprint coherence across layers — The project claims coherent values for navigator, screen, GPU/WebGL, canvas, fonts, audio, timezone, permissions, and roughly 400 other fields drawn from real Firefox telemetry. The point is consistency, not random spoofing.
- WebRTC and IP handling — BrowserLeaks tests show no public IP leak through STUN, and host candidates are replaced with synthetic private-LAN addresses that fit the spoofed network instead of exposing mDNS noise.
- SOCKS5 proxy auth support — The examples show username/password proxy credentials passed directly into the browser context, which is useful for residential proxy pools and per-session routing.
- Built-in human motion modeling — Clicks and pointer movement are described as Bezier-curve arcs, which gives the browser a plausible interaction pattern instead of straight-line automation jitter.
- Preference-driven configuration — Spoofed values are controlled by preferences rather than hardcoded constants in the binary, so changing a pref changes the resulting browser surface without a rewrite of the engine.
invisible_playwright vs Alternatives
| Tool | Best For | Key Differentiator | Pricing |
|---|---|---|---|
| invisible_playwright | Firefox-based stealth automation with Playwright parity | Native Gecko patching instead of JS shims | Open-Source |
| Multilogin / GoLogin | Managed anti-detect profiles and team operations | SaaS profile management and UI-driven workflows | Paid |
| AdsPower / Dolphin | High-volume browser profile management | Fleet management features, but most spoofing still sits above the engine | Paid |
| Kameleo | Commercial anti-detect browser users who want profile tooling | Broader product packaging, still mostly runtime spoofing | Paid |
Pick Multilogin or GoLogin if you want a managed product with dashboards, profile sync, and support contracts more than you want source-level transparency. Pick AdsPower or Dolphin Anty when the team already lives inside a commercial browser manager and accepts the usual JS-level fingerprinting trade-offs.
Pick Kameleo if you want a paid product and can tolerate a black-box workflow around profile state. Pick invisible_playwright when the browser itself matters more than the GUI around it, especially if your stack already runs on Playwright and you want a quieter fingerprint surface.
If you are validating fingerprints or debugging why a session was flagged, OpenTrace pairs well with invisible_playwright because you can compare network, console, and trace artifacts around each run. If you need to coordinate many browser workers across jobs, OpenSwarm is a better orchestration layer than hand-rolling session dispatch.
How invisible_playwright Works
invisible_playwright works by patching Firefox itself, then exposing that browser through a Playwright-shaped Python API. The key technical decision is to avoid JS shims entirely, because detector stacks can enumerate native function strings, inspect property descriptors, and compare prototype behavior to catch overrides.
The internal model is closer to a coherent fingerprint bundle than a property-by-property mask. Navigator, WebGL, canvas, audio, WebRTC, language, timezone, and device traits are generated as a set so the browser does not contradict itself when a detector crosses signals.
That architecture is why the project emphasizes preferences. A single pref change cascades through the spoofed browser surface, which is easier to reason about than a pile of injected scripts fighting the DOM at runtime.
pip install git+https://github.com/feder-cr/invisible_playwright.git
python -m invisible_playwright fetch
The commands above install the Python package and fetch the patched browser payload in one pass. The fetch step is a one-time download of roughly 100 MB and is SHA256-verified, so the next session can launch quickly on Windows x86_64 or Linux x86_64.
A minimal invisible_playwright tutorial looks like this in practice:
from invisible_playwright import InvisiblePlaywright
with InvisiblePlaywright(proxy={'server': 'socks5://127.0.0.1:1080', 'username': 'u', 'password': 'p'}) as browser:
page = browser.new_page()
page.goto('https://example.com')
page.click('#submit')
That snippet launches a browser session, routes traffic through a SOCKS5 proxy, and keeps the standard Playwright page API intact. If your existing Playwright code already uses pages, selectors, and waits correctly, the migration cost is mostly browser swap plus the fetch step.
Pros and Cons of invisible_playwright
Pros:
- Native stealth path — Moving spoofing into Firefox avoids the obvious JS-layer tells that many anti-detect stacks still expose.
- Playwright compatibility — Existing sync and async code paths are preserved, which keeps refactors small.
- Strong detector results — The project documents high reCAPTCHA v3 scores, clean CreepJS results, and no WebRTC public IP leak in its reference tests.
- Self-hosted control — You run the browser and the proxy stack yourself, which matters for privacy-sensitive automation and repeatability.
- Transparent stack — MIT licensing plus source-level patching makes it easier to audit what changed and why.
- Proxy-friendly — SOCKS5 auth and browser-level routing fit common scraping and session-isolation setups.
Cons:
- Firefox only — If your workflow depends on Chromium-specific behavior, invisible_playwright is the wrong browser family.
- Platform limits — The repo only advertises Windows x86_64 and Linux x86_64, so macOS users are out.
- Operational overhead — Self-hosting means you own browser updates, proxy health, and packaging, unlike a SaaS anti-detect dashboard.
- Narrower ecosystem — Commercial tools like Multilogin ship profile management and team collaboration features that invisible_playwright does not try to replace.
- Anti-bot arms race risk — Any stealth browser can fall behind if detector vendors change their heuristics faster than the patch set is maintained.
Getting Started with invisible_playwright
A practical invisible_playwright setup is short if you already run Python and Playwright-style automation.
python -m venv .venv
source .venv/bin/activate
pip install git+https://github.com/feder-cr/invisible_playwright.git
python -m invisible_playwright fetch
After the fetch completes, launch a small script and confirm the browser opens with your proxy and fingerprint settings. The only real initial configuration is making sure your proxy credentials, OS architecture, and firewall rules match the runtime you plan to automate against.
If you are migrating from standard Playwright, keep your selectors and waits unchanged first, then test fingerprint-sensitive targets second. That order tells you whether a failure is caused by browser state, network routing, or app logic instead of burying all three in one change set.
Verdict
invisible_playwright is the strongest option for Playwright-based stealth automation when you need Firefox-level fingerprint resistance and can stay on Windows x86_64 or Linux x86_64. Its biggest strength is native C++ patching that avoids JS-shim fingerprints, but the caveat is narrow browser and platform support. Use it when stealth matters more than a polished SaaS wrapper.
