Scrape and automate without detection.
Anti-detect browser API for Puppeteer, Playwright, Selenium, and AI agents — free, local, and built on Chrome DevTools Protocol.
Why a real anti-detect browser beats puppeteer-stealth and undetected-chromedriver
Cloudflare, DataDome, PerimeterX, and Akamai stopped looking at IPs years ago. They read the browser itself — fingerprint, TLS, JavaScript runtime, and how the cursor moves. A patched headless Chrome is the easiest signal in the world to flag.
Donut Browser is a free anti-detect browser with a real engine — Wayfern, not headless Chromium with a stealth plugin. Cloudflare sees a real browser, not a bot signature. DataDome's heuristics see a normal user session. It's a drop-in puppeteer-stealth alternative, playwright-stealth alternative, and undetected-chromedriver alternative — without the cat-and-mouse patching.
Talk to it over a local REST API and an MCP browser server. Pro plans expose a Chrome DevTools Protocol port per profile, so your existing Puppeteer, Playwright, or Selenium scripts work unchanged. Pair it with a residential proxy browser setup for full identity isolation, and use the same profiles for running many identities at once or for ad-ops automation.
Stop fighting fingerprint checks. Start scraping.
Free anti-detect browser. Free local REST API. Free MCP server. Pro unlocks the CDP endpoint for Puppeteer, Playwright, and Selenium.
Key Features
Anti-detect browser API on localhost
REST API on localhost:10108 for profiles, proxies, and CDP launch. Token-auth, no cloud round-trips, no SDK lock-in.
MCP browser server for AI browser automation
30+ MCP tools for Claude browser automation and any MCP-compatible LLM. Plug LLM browser control into agents and let them drive sessions.
Stealth browser scraping that actually passes
Cloudflare sees a real browser, not a bot signature. DataDome's heuristics see a normal user session — bypass Cloudflare browser checks, bypass DataDome browser checks, bypass PerimeterX.
Residential proxy browser, one IP per scraper
HTTP, HTTPS, SOCKS4, SOCKS5 per profile, persistent across runs. Unique headless browser fingerprint per identity for full isolation.
Puppeteer anti-detect, Playwright anti-detect, Selenium anti-detect
Launch a profile, get the Chrome DevTools Protocol port, connectOverCDP — done. Your existing scripts run as-is. Pro plan.
Headless that doesn't snitch
Headless mode keeps the full fingerprint spoof, so puppeteer not detected by Cloudflare and playwright pass fingerprint check work the same on a server. Pro plan.
Drive a real anti-detect browser from plain Playwright
One REST call launches a Donut profile and returns a Chrome DevTools Protocol port. Plain connectOverCDP attaches Playwright, Puppeteer, or Selenium — no SDK, no stealth plugin, no patched Chromium. The wayfern npm package re-exports Playwright with humanized mouse, typing, and scroll hooks already wired in.
// npm i wayfern playwright
import { chromium } from 'wayfern';
// Launch a profile via the REST API and read its CDP port.
const run = await fetch(`http://localhost:10108/v1/profiles/${profileId}/run`, {
method: 'POST',
headers: { Authorization: `Bearer ${process.env.DONUT_API_KEY}` },
}).then(r => r.json());
// Plain Playwright connection — no manual CDP wiring.
const browser = await chromium.connectOverCDP(`http://127.0.0.1:${run.remote_debugging_port}`);
const page = browser.contexts()[0].pages()[0];
await page.goto('https://example.com');
console.log(await page.title());Core Features — Always Free
Everything you need to get started, without creating an account
- Set as Default Browser
- Proxy Support (HTTP/SOCKS5)
- VPN Support (WireGuard)
- Unlimited Local Profiles
- Profile Management API & MCP
- Open Source
