Open stealth-browser framework — drive a real recompiled-Chromium (Fortress) that defeats bot-detection fingerprint suites. Drop-in stealth for browser-use, Playwright, Crawl4AI, with an MCP server for AI agents.
Project description
Tilion — a stealth browser for AI agents
pip install tilion— drive a real, undetected Chromium that gets past Cloudflare, DataDome, and bot detection. No server, no account, no API key.
Framework & MCP: Beta · runs local & free · Tilion Cloud (residential egress) coming soon
Real, dated run against stockx.com (PerimeterX). A stock browser gets HTTP 403 — "Access denied"; an agent with the Tilion MCP returns clean JSON — same site, same prompt.
Tilion runs a recompiled-Chromium stealth engine (Fortress) locally, in-process, and gives you one clean API for fetching protected pages, extracting content, crawling sites, reconnaissance, and multi-step automation — plus a Model Context Protocol (MCP) server so AI agents can reach for it the moment they get blocked.
pip install tilion
Quickstart
import asyncio
from tilion import Tilion
async def main():
async with Tilion() as t: # boots Fortress locally
page = await t.fetch("https://protected.example") # past Cloudflare/DataDome/403
print(page["title"], page["text"][:200])
data = await t.extract("https://site/pricing") # clean markdown + tables
docs = await t.crawl("https://site", depth=2) # whole-site crawl (auto-SPA)
apis = await t.recon("https://site") # discover the site's private API
hits = await t.search("undetected playwright") # real-browser web search
asyncio.run(main())
No uvicorn, no Redis, no auth — local mode holds one real browser and drives it directly.
Drop-in stealth for your existing stack
Already on browser-use, Playwright, Puppeteer, or Crawl4AI? They connect to a browser by CDP URL. Point that at Tilion and your code runs through the stealth engine — one line, no rewrite:
t = await Tilion().start()
cdp_url = t.cdp_url # hand this to any CDP-speaking stack
from browser_use import Agent, BrowserSession
agent = Agent(task="...", browser_session=BrowserSession(cdp_url=cdp_url))
MCP server — stealth browsing for any AI agent
pip install "tilion[mcp]"
tilion-mcp # or: npx -y tilion-mcp
Claude Desktop / Cursor / Cline / Windsurf — add to the MCP config:
{ "mcpServers": { "fortress": { "command": "tilion-mcp" } } }
Claude Code (CLI): claude mcp add fortress -- tilion-mcp
26 tools: fetch_protected_page, extract_page, crawl_site, recon_site_apis,
search_web, run_browser_task, save_page, save_profile, get_stealth_cdp_endpoint, and
more — pre-warmed (~100 ms first call), concurrency-safe, timeout- and SSRF-guarded.
Full tool table →
What you get
fetch |
stealth GET past Cloudflare/DataDome/403 + auto challenge-resolve |
extract |
page → clean markdown + tables + metadata (or a schema-shaped record) |
crawl / spa_crawl |
whole-site crawl, auto-handles SPA/JS + lazy-load → sitemap |
recon |
reverse-engineer a site's private XHR/JSON API (secret-scrubbed) |
search |
real-browser web search (no SERP API) |
agent |
20 multi-step flows: login, paginate, infinite-scroll, checkout, downloads… |
screenshot / save |
PNG, or export as PDF / HTML / text |
cdp_url |
raw CDP endpoint for browser-use / Playwright / Puppeteer |
How stealth works
The engine is a recompiled Chromium C++ fork (shipped as the tilion-fortress dependency),
not a JS patch or a stealth plugin. Persona, User-Agent, WebGL, and canvas fingerprints are
applied natively with genuine binding returns (toString() === [native code]), so there are no
JavaScript injection tells. In independent suites it runs Sannysoft-clean, CreepJS 0%
headless, BrowserScan "Normal."
Honest note: a great fingerprint on a datacenter IP still gets blocked by the biggest sites — real anti-bot decisions weigh the egress IP heavily. For hostile targets, add a residential proxy or use hosted Tilion cloud egress (coming soon). Tilion does not claim to be "undetectable."
Install options
pip install tilion # core: stealth browser + fetch/extract/crawl/recon/search
pip install "tilion[mcp]" # + the MCP server
pip install "tilion[vision]" # + LLM-driven agent (Claude/OpenAI/Gemini)
Links
- Engine + MCP repo: https://github.com/tiliondev/fortress
- MCP setup & tools: https://github.com/tiliondev/fortress/tree/main/mcp
- Engine package: https://pypi.org/project/tilion-fortress/
Open-core: the tilion facade + MCP are BSD-3; the engine (tilion.core driver + the Fortress
binary) is proprietary. Requires Python 3.10–3.13 on Linux, macOS, or Windows.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distributions
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file tilion-0.1.1-cp313-none-any.whl.
File metadata
- Download URL: tilion-0.1.1-cp313-none-any.whl
- Upload date:
- Size: 1.0 MB
- Tags: CPython 3.13
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
7a97a3732047b60d6df59808bd386306569438f13daf45659598c9343e012d52
|
|
| MD5 |
7b7bf8cdaf232b2360fbf2bb65cc2472
|
|
| BLAKE2b-256 |
90b0a0a460b116d39f00aea63cc2e4fed3cb34fe7ec1eca207e586680d4f3be6
|
File details
Details for the file tilion-0.1.1-cp312-none-any.whl.
File metadata
- Download URL: tilion-0.1.1-cp312-none-any.whl
- Upload date:
- Size: 1.0 MB
- Tags: CPython 3.12
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c2f6fabefdd109398828741d69742501038bc7dfa067c7bb4e4b9ea90fd7eee0
|
|
| MD5 |
412233ba6e1b08c0ad306fd976445e64
|
|
| BLAKE2b-256 |
7ff9b93f425685bf4121fbb75dcf4a2c9fa33455ee906af1f89e4e39caf16adb
|
File details
Details for the file tilion-0.1.1-cp311-none-any.whl.
File metadata
- Download URL: tilion-0.1.1-cp311-none-any.whl
- Upload date:
- Size: 1.0 MB
- Tags: CPython 3.11
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6115e0a45d409ce3f5ed32077b4056e22728a06b6e24c1fc16de3032e37d853a
|
|
| MD5 |
f70a08b0bb5e13dd8bb9eda600586822
|
|
| BLAKE2b-256 |
21f552c99d14ce16237a61d25c99f0f71a7afc903ec03646f945e7ff6c613f7b
|
File details
Details for the file tilion-0.1.1-cp310-none-any.whl.
File metadata
- Download URL: tilion-0.1.1-cp310-none-any.whl
- Upload date:
- Size: 726.8 kB
- Tags: CPython 3.10
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
c55c7856e93cc8696aaad39035bdda4400942f013daf8fc54b69c1384f3c119c
|
|
| MD5 |
c57576b4fdb96233cb4c8c9a2b573660
|
|
| BLAKE2b-256 |
b807422315de60286c6d4acc88012de31a46423f5207424a8faddbd9fbf8d2f6
|