A project by the ProxyShard team — the proxy service with full SOCKS5 UDP relay (RFC 1928 §7) and active p0f TCP-fingerprint spoofing on the exit (so the OS the proxy claims to be on actually matches the SYN/ACK shape sites see). ShardX is the in-house anti-detect browser stack we built to get the most out of those proxies: the launcher manages profiles, binds proxies, and ships the patched Chromium 149 browser that does the actual spoofing at the engine level.
Drive ShardX whichever way fits the job — all four read from the same on-disk state, so a profile is reachable from every entry-point with no sync step:
127.0.0.1:40325; create /
start / stop profiles and grab a CDP endpoint from any language.Setup for each lives in Usage below.

A free, open-source anti-detect browser for web scraping and multi-accounting.
Run hundreds of isolated browser identities side by side, each one a fully-formed device with its own GPU, screen, fonts, audio stack, timezone, locale, WebGL/WebGPU caps, TLS ClientHello, UA-CH, WebRTC policy, geolocation and cookies — every signal coherent with the others, and every signal spoofed inside Chromium's C++ engine (Blink / V8 / network stack), not via JS injection that detectors trip on instantly.
You get 170 ready-made device profiles out of the box (mac M1–M5,
Windows desktops/laptops with RTX/GTX/Intel/AMD GPUs, Linux
workstations), bind a SOCKS5 / HTTP proxy to each one, and the
launcher handles the rest — auto-resolved timezone + locale +
geolocation from the proxy's exit country, isolated user-data-dir,
persistent cookies, Widevine pre-warm, QUIC over the proxy's UDP
relay, no real-IP leaks via WebRTC.
Free for any use — pair with ProxyShard proxies for the QUIC + WebRTC stack to actually work end-to-end, or bring your own.
What this gives you out of the box:
| Test | Result |
|---|---|
| browserleaks.com/quic | QUIC True, JA4 matches real Chrome, MTU 1232 over SOCKS5 UDP relay |
| fingerprint.com | Bot / VPN / DevTools / browser-tampering all Not detected |
| browserscan.net | Authenticity 100% |
| pixelscan.net | Fingerprint consistent, no proxy / automation detected |
| fp.haru.gay | isBot: false, every sub-signal false |
| antcpt.com/score_detector | reCAPTCHA v3 score 0.9 |
| networktest.twilio.com | TURN UDP / TCP / TLS + Voice — all Pass (no real-IP leak) |
All overrides live inside the browser engine — there is no JavaScript shim layer that detectors can spot, so spoofed values are consistent across iframes, web workers, devtools and headless inspection.
block / tcp_only / auto. In auto traffic
rides the proxy's UDP relay; otherwise WebRTC candidates report the
proxy exit IP, never the host. STUN / TURN targets on private
networks are dropped.speechSynthesis.getVoices()
enumeration (200+ macOS voices, SAPI + Google for Windows, Google-only
for Linux).x-client-data — its
absence is the loudest reCAPTCHA bot signal) are reproduced correctly.user-data-dir, persistent
Chrome sessions ("Continue where you left off" without the
crash-restore bubble), bulk import, folder / tag organisation, pin
to top, clone.127.0.0.1,
JWT-Bearer auth. Full reference at
docs.proxyshard.com/eng/shardx-launcher-api,
raw schema in openapi.yaml. Create / start / stop
profiles and get a CDP WebSocket URL programmatically.QUIC handshake completes end-to-end through the SOCKS5 UDP relay; every WebRTC probe (UDP / TCP / TLS) passes against Twilio's test suite without leaking the host IP.
browserleaks.com/quic — QUIC True, JA4 matches Chrome 149 |
networktest.twilio.com — every probe Pass |
|---|---|
![]() |
![]() |
fingerprint.com — Bot / VPN / DevTools / tampering Not detected |
fp.haru.gay — isBot: false, every signal false |
|---|---|
![]() |
![]() |
| ProxyShard's own browser-checker — no issues across 9 categories | pixelscan.net — Fingerprint consistent |
|---|---|
![]() |
| browserscan.net — Authenticity 100 %, locale honoured | antcpt.com — reCAPTCHA v3 score 0.9 |
|---|---|
![]() |
![]() |
All three are patched Chromium forks — the differentiation is in which surfaces each one bothers to patch, how cleanly, and what's wrapped around the engine.
| Feature | ShardX (this project) | CloakBrowser | Multilogin / AdsPower / Dolphin |
|---|---|---|---|
WebGPU spoofing (navigator.gpu adapter + every limit) |
✅ full | ❌ untouched — host GPU leaks | ✅ full |
| Client Hints (Sec-CH-UA-* full stack with GREASE) | ✅ full | ❌ partial / inconsistent | ✅ full on Multilogin / AdsPower, ❌ Dolphin |
| Font enumeration pinned per profile |
$ claude mcp add ShardBrowser \
-- python -m otcore.mcp_server <graph>