Patching navigator.webdriver and hoping for the best stopped working around the time DataDome started shipping ML-based canvas fingerprint matching.
All three tools in this comparison operate below the JavaScript patching layer. Rayobrowse is Linux Docker-first, Chromium-only, and built around Rayobyte's proxy infrastructure. Camoufox is free, open-source, and Firefox-based, with active development and a 2025 maintenance gap worth knowing about before taking a long-term dependency. Kameleo runs two custom browser kernels, covers all major platforms including Windows and macOS, supports mobile device emulation, and has nine years of anti-detection maintenance history behind it. Which one fits depends on your deployment constraints, language preferences, and how much fingerprint coherence your targets actually require.
Plugin-based stealth approaches fight fingerprinting at the JavaScript layer. Anti-bot systems have moved past that: they validate signals at the C++ rendering level, compare canvas hashes against databases of real-device profiles, and look for impossible OS/GPU combinations. Patching JavaScript on top of a detected engine is an arms race that resolves in one direction.
The three structural differences that matter most are browser engine coverage, how each tool handles canvas fingerprinting, and what they do or don't do about CDP-level detection signals. The rest of this post unpacks each one.
The Three Tools at a Glance
Before the detail, a side-by-side reference. (The proxy cost row near the bottom is worth a second look if you are evaluating Rayobrowse for multi-concurrent usage.)
Browser Engine Coverage: Why Single-Engine Fleets Are a Structural Problem
The real issue is statistical, not technical.
Anti-bot platforms model browser population distributions. When your entire scraping fleet runs on one engine, the traffic signature is narrow and easy to learn. A realistic traffic mix distributes signals across Chrome, Edge, and Firefox profiles because that is what actual user traffic looks like. A single-engine fleet is a population anomaly, not just a fingerprint flaw.
Kameleo ships two custom kernels. Chroma handles Chrome and Edge profiles, including Android Chrome. Junglefox handles Firefox. New Chroma kernels ship within 5 days of each Chrome Stable release by SLA, with same-day or next-day updates common in practice because the team pre-analyzes upcoming releases. Junglefox follows each Firefox release within 2 months. Multiple kernel versions can run concurrently, so you can distribute requests across a realistic version spread rather than a single-version monoculture.
Camoufox is Firefox-only. As of April 2026, the CloverLabsAI build is approximately one major version behind Firefox stable. The bigger concern is maintenance continuity: in early 2026, the original maintainer acknowledged a year-long gap in development. Active work has resumed under CloverLabsAI with meaningful recent commits, and the community is healthy (6k GitHub stars). The gap did happen once, and that is a real consideration for teams planning a long-term dependency.
Rayobrowse is Chromium-only. There is a recurring lag between upstream Chromium Stable releases and Rayobrowse shipping updated Docker images. If your User-Agent claims Chrome 124 but the underlying engine is Chrome 122, TLS fingerprinting and JS API behavior checks can surface the mismatch. Version coherence is a fingerprint issue too.
Canvas Fingerprinting: The Signal That Separated the Generations
The old approach was to add pixel noise to canvas output. That stopped working when anti-bot platforms started running ML models that compare incoming canvas hashes against databases of hashes from real devices. A noisy hash that does not match any known device configuration gets flagged immediately, because real hardware does not produce arbitrary noise. Adding noise to canvas is now worse than doing nothing.
Kameleo's Intelligent Canvas Spoofing works at the engine level. Rather than adding noise, it alters canvas rendering so the output hash matches the expected output for the OS, browser, and GPU combination the profile claims. Running a macOS Safari profile from a Windows host produces a canvas hash consistent with a real macOS device, not an impossible noise artifact. The implementation is backed by analysis of thousands of websites and canvas hash data from real device populations. Coverage is tied to that dataset, so the approach is strongest against the fingerprinting patterns that established anti-bot systems actually deploy in production — which is also where the dataset was built from. Arbitrary or highly dynamic canvas challenges are a narrower, different problem.
Camoufox takes a different approach: rather than spoofing the full canvas, it randomizes Skia's anti-aliasing algorithm at the C++ level and applies consistent per-session offsets so the output does not shift between reads (which would itself be a leak). This passes all known canvas noise tests used in production. The edge case is a set of low-entropy tests that Camoufox can fail — though those tests are rarely deployed because they also trigger false positives on legitimate hardware configurations.
Rayobrowse currently has no publicly documented canvas spoofing feature. Based on available public materials, this signal is either unaddressed or not transparently specified.
CDP Detection Signals: What Changed and What Still Matters
This is where the landscape shifted most visibly in the past year, and most comparisons have not caught up.
For several years, one of the sharpest CDP detection techniques worked like this:
1let wasAccessed = false;
2const e = new Error();
3Object.defineProperty(e, 'stack', {
4 get() {
5 wasAccessed = true;
6 return '';
7 }
8});
9console.debug(e);
10// if wasAccessed is true after this line, CDP is activeIn a real browser, console.debug never reads the stack property. Under CDP, the browser serializes the error object before sending it to the DevTools frontend. That serialization triggered the getter, flipped wasAccessed, and confirmed automation — even when navigator.webdriver was suppressed and the User-Agent looked clean.
It was a reliable, low-noise signal. Then V8 patched it.
Two commits landed in May 2025 (May 7 and May 9). V8 now checks whether a property getter is user-defined code; if it is, the getter is skipped during DevTools object preview entirely. The detection hook never fires. As Castle's research documents, this broke the technique silently and nobody announced it. Whether Firefox's SpiderMonkey received an equivalent fix is not confirmed.
Stack frame depth is a different signal and is still live. Automation frameworks inject init scripts that add internal frames to new Error().stack:
1new Error().stack.split('\n').length
2// real browser: ~2–4 frames
3// CDP-instrumented browser: noticeably deeper, with identifiable internal frame names__playwright__binding__, puppeteer_evaluation_script, and similar strings in frame output are reliable automation fingerprints that the V8 patch did not address.
Kameleo patches CDP side-effects at the kernel level. Chroma and Junglefox are custom binary builds with C++ patches that remove these behaviors before they can be observed by the page. The injected init script frames and Runtime.enable context pollution are patched out of the engine, so they do not surface regardless of which automation framework runs on top.
Camoufox addresses this through Juggler, Firefox's automation protocol equivalent. All Playwright init scripts run in an isolated scope outside the page, and stack frames from the internal automation layer do not appear in the page's Error.stack. The stack getter technique may also simply not apply to Firefox's Juggler implementation given that it does not use V8.
Rayobrowse runs standard Chromium with CDP. The Error.stack getter technique specifically is now a non-issue in modern Chromium thanks to the V8 patch. Stack frame depth leakage remains an open question with no publicly documented mitigation.
Platform Support, Mobile Emulation, and Profile Persistence
Platform support has a fingerprint dimension beyond deployment convenience. Kameleo supports Windows, macOS, and Docker, including Windows containers. A Windows fingerprint profile running on a Windows host produces more coherent low-level rendering signals (font output, canvas artifacts, graphics driver behavior) than the same profile running from a Linux container. Rayobrowse is Linux Docker-only, which creates a ceiling: convincing Windows-profile signals cannot be generated from a Linux host. At high volume, serving Windows fingerprints from Linux is a coherence gap that sophisticated detection systems can learn to correlate. Camoufox is available on all three major platforms and ships a native Dockerfile.
Mobile emulation opens a distinct scraping surface: mobile-optimized API endpoints, lower baseline anomaly scores on consumer sites, and broader profile distribution across your fleet. Kameleo supports full Android Chrome and iOS Safari emulation with coherent device memory, pixel ratio, touch events, and screen dimensions. Camoufox and Rayobrowse do not support mobile emulation. Manual viewport and User-Agent overrides in Camoufox will leak multiple inconsistent signals from the desktop engine underneath.
Profile persistence matters because detection systems flag the complete absence of browsing history and session state as a strong bot signal. Kameleo stores profiles on-device by default, with file export and optional cloud sync. Camoufox handles cookies and localStorage via Playwright's storageState, but full profile persistence (browsing history, cached resources) requires custom implementation on top. Rayobrowse leaves persistence strategy entirely to the engineer via Docker volumes.
Proxy Cost, Maturity, and What You Are Actually Buying
Two factors that belong in the evaluation spreadsheet but tend to get discovered too late.
Proxy lock-in: Camoufox works with any proxy and is free. Kameleo works with any proxy, with a free tier renewed monthly and paid plans for production scale. Rayobrowse's multi-concurrent model requires Rayobyte proxies at $3.50/GB. On a high-volume operation that cost accumulates quickly and ties you to a single vendor. Bring-your-own-proxy support is on the roadmap but is not yet available.
Maturity: Kameleo has been shipping since early 2017, before Puppeteer or Playwright existed. Nine years in the anti-detection space means the team has already tracked and responded to canvas ML detection, TLS fingerprinting, WebRTC leaks, device memory signals, graphics API fingerprinting, and multiple rounds of anti-bot vendor improvements.
Camoufox launched in mid-2024, made strong technical progress, then hit a maintenance gap. Development is active again under CloverLabsAI and the open-source community is engaged. Whether a gap recurs is an unknown; different teams will weigh that risk differently.
Rayobrowse launched in 2026 from Rayobyte, an established proxy company. The browser product itself is brand new. Early-stage development in key anti-detection areas is visible in the current feature set, particularly around canvas spoofing and CDP mitigation. The roadmap trajectory matters more than the current snapshot, but the snapshot is the only thing you can deploy today.
Which Tool Fits Your Use Case
Choose Camoufox if you are building a Python-only scraper at modest scale, cost is the primary constraint, and you have engineering capacity to handle fingerprint configuration, custom persistence, and maintenance uncertainty. The open-source codebase is a genuine advantage for teams that want to audit or extend stealth behavior.
Choose Rayobrowse if you are already inside the Rayobyte proxy ecosystem, targeting Linux-compatible sites, and the Chromium-only approach covers your use case. Run the proxy cost numbers before committing to multi-concurrent sessions, and treat canvas and CDP gaps as open items until Rayobrowse ships documentation or patches.
Choose Kameleo if you are building scraping infrastructure that needs to hold up across browser types, platforms, and regions over time. The dual-engine architecture, kernel-level canvas spoofing, CDP mitigation, mobile emulation, and nine years of maintenance history represent a different level of production readiness than the other two options in this comparison. The free tier includes 2 concurrent browsers renewed each month — enough for development, experimentation, or validating it against your actual targets before committing.
