Skip to main content

Open stealth-browser framework — drive a real recompiled-Chromium (Fortress) that defeats bot-detection fingerprint suites. Drop-in stealth for browser-use, Playwright, Crawl4AI, with an MCP server for AI agents.

Project description

Tilion

A stealth browser for AI agents. pip install tilion — drive a real, undetected Chromium that gets past Cloudflare, DataDome, and bot detection, with no server, no account, and no API key.

Framework & MCP: Beta · runs local & free · Tilion Cloud (residential egress) coming soon · 📖 Full documentation · 📊 Benchmarks

Same site, same prompt: a vanilla browser is blocked by PerimeterX while Claude + the Tilion MCP returns clean JSON

Real, dated run: stockx.com (PerimeterX). A stock browser gets HTTP 403 — "Access denied"; Claude with the Tilion MCP returns clean JSON. Reproduce: python demo/make_split_demo.py.

Tilion is an open stealth-browser framework. It runs a recompiled-Chromium stealth engine (Fortress) locally, in-process, and gives you one clean API for fetching protected pages, extracting content, crawling sites, reconnaissance, and multi-step automation — plus a Model Context Protocol (MCP) server so AI agents can reach for it the moment they get blocked.

pip install tilion

Quickstart

import asyncio
from tilion import Tilion

async def main():
    async with Tilion() as t:                     # boots the Fortress stealth engine locally
        page = await t.fetch("https://protected.example")   # past Cloudflare/DataDome/403
        print(page["title"], page["text"][:200])

        data = await t.extract("https://site/pricing")       # clean markdown + tables
        docs = await t.crawl("https://site", depth=2)        # whole-site crawl (auto-SPA)
        apis = await t.recon("https://site")                 # discover the site's private API
        hits = await t.search("undetected playwright")       # real-browser web search

asyncio.run(main())

No uvicorn, no Redis, no auth — local mode holds one real browser and drives it directly.

Drop-in stealth for your existing stack

Already using browser-use, Playwright, Puppeteer, Crawl4AI, or Stagehand? They all connect to a browser by CDP URL. Point that at Tilion's Fortress engine and your existing code runs through the stealth browser — one line, no rewrite:

from tilion import Tilion

t = await Tilion().start()
cdp_url = t.cdp_url            # hand this to any CDP-speaking stack

# browser-use:
from browser_use import Agent, BrowserSession
agent = Agent(task="...", browser_session=BrowserSession(cdp_url=cdp_url))

# Playwright:
browser = await playwright.chromium.connect_over_cdp(cdp_url)

MCP server — stealth browsing for any AI agent

Ship the Fortress MCP server so a coding/browsing agent auto-selects it when a fetch is blocked:

pip install "tilion[mcp]"
tilion-mcp          # or: python -m tilion.mcp

Claude Desktop / Cursor — add to your MCP config:

{ "mcpServers": { "fortress": { "command": "tilion-mcp" } } }

26 intent-loaded tools including: fetch_protected_page, extract_page, crawl_site, recon_site_apis, search_web, run_browser_task, screenshot_page, save_page, list_browser_tasks, get_stealth_cdp_endpoint. Pre-warmed on startup (~100 ms first call), concurrency-safe, timeout- and SSRF-guarded.

What you get

fetch stealth GET past Cloudflare/DataDome/403 + auto challenge-resolve
extract page → clean markdown + tables + metadata (or a schema-shaped record)
crawl / spa_crawl whole-site crawl, auto-handles SPA/JS + lazy-load → sitemap
recon reverse-engineer a site's private XHR/JSON API (secret-scrubbed)
search real-browser web search (no SERP API)
agent 20 multi-step flows: login, paginate, infinite-scroll, checkout, downloads…
screenshot / save PNG, or export as PDF / HTML / text
cdp_url raw CDP endpoint for browser-use / Playwright / Puppeteer
t.page(url) escape hatch to the full DOM API (click, type, wait, evaluate, …)

How stealth works

The engine is a recompiled Chromium C++ fork, not a JS patch or a stealth plugin. Persona, User-Agent, WebGL, and canvas fingerprints are applied natively with genuine binding returns (toString() === [native code]), so there are no JavaScript injection tells. In independent fingerprint suites it runs Sannysoft-clean, CreepJS 0% headless, browserscan "no bots."

Honest note: a great fingerprint on a datacenter IP still gets blocked by the biggest sites — real anti-bot decisions weigh the egress IP heavily. For production scraping of hostile targets, add a residential proxy (Tilion's proxy layer is pluggable) or use hosted Tilion cloud egress. Tilion does not claim to be "undetectable."

Install options

pip install tilion              # core: stealth browser + fetch/extract/crawl/recon/search
pip install "tilion[mcp]"       # + the MCP server
pip install "tilion[vision]"    # + LLM-driven agent (Claude/OpenAI/Gemini)
pip install "tilion[server]"    # + the multi-tenant control-plane API (self-host cloud)

License

Open-core. The funneltilion.facade + tilion.mcp — is BSD-3-Clause. The engine (tilion.core driver + the Fortress C++ binary via tilion-fortress) is proprietary, shipped as bytecode/binary. See OPENSOURCE_SPLIT.md.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

tilion-0.1.0-cp313-none-any.whl (1.0 MB view details)

Uploaded CPython 3.13

tilion-0.1.0-cp312-none-any.whl (1.0 MB view details)

Uploaded CPython 3.12

tilion-0.1.0-cp311-none-any.whl (1.0 MB view details)

Uploaded CPython 3.11

tilion-0.1.0-cp310-none-any.whl (726.8 kB view details)

Uploaded CPython 3.10

File details

Details for the file tilion-0.1.0-cp313-none-any.whl.

File metadata

  • Download URL: tilion-0.1.0-cp313-none-any.whl
  • Upload date:
  • Size: 1.0 MB
  • Tags: CPython 3.13
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for tilion-0.1.0-cp313-none-any.whl
Algorithm Hash digest
SHA256 3159ab48ac8545569d55a388ea4c7fb0b27cbbbff61b8fd946339495b43af4eb
MD5 f91b0bc5d423fb5fa23f1432f878565e
BLAKE2b-256 a9dd768b57bd2275d6d6d3a7acf15096e1b39fe32325707389853c1f731c6308

See more details on using hashes here.

File details

Details for the file tilion-0.1.0-cp312-none-any.whl.

File metadata

  • Download URL: tilion-0.1.0-cp312-none-any.whl
  • Upload date:
  • Size: 1.0 MB
  • Tags: CPython 3.12
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for tilion-0.1.0-cp312-none-any.whl
Algorithm Hash digest
SHA256 675b1af91681c2c7ce3246ccc51914895b907b79958f9b5f5e0a1e808f1ce05c
MD5 b291a8f81927ab7b6b1b0650b20bc539
BLAKE2b-256 a5dce568a468eef1e3e502465ff2d889e95fc2ec0d4d056a33e8f7cc044d77de

See more details on using hashes here.

File details

Details for the file tilion-0.1.0-cp311-none-any.whl.

File metadata

  • Download URL: tilion-0.1.0-cp311-none-any.whl
  • Upload date:
  • Size: 1.0 MB
  • Tags: CPython 3.11
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for tilion-0.1.0-cp311-none-any.whl
Algorithm Hash digest
SHA256 af1c9c11ec6e58233efa8cb4b7c827712242d820be190dc22e489c14d9360a9f
MD5 605f734274087e5ff075ce35e7800668
BLAKE2b-256 e2c8bd30292ad7ef368f17debaa81ca5817b68711e20a18ede8dcd70c9033756

See more details on using hashes here.

File details

Details for the file tilion-0.1.0-cp310-none-any.whl.

File metadata

  • Download URL: tilion-0.1.0-cp310-none-any.whl
  • Upload date:
  • Size: 726.8 kB
  • Tags: CPython 3.10
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.13.13

File hashes

Hashes for tilion-0.1.0-cp310-none-any.whl
Algorithm Hash digest
SHA256 86c9f5a91cb6d5bb9a6133ede07885c5803b2def4e06258535266ee5b91c0b5b
MD5 82a42fb76a4fce04426052f7697509c5
BLAKE2b-256 e58a6c685e75ec7aa03ee4e6e12323c43c135a78948ecb2bf8f63243c180a83c

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page