惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Google Online Security Blog
Google Online Security Blog
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Stack Overflow Blog
Stack Overflow Blog
GbyAI
GbyAI
Microsoft Azure Blog
Microsoft Azure Blog
I
InfoQ
F
Fortinet All Blogs
N
Netflix TechBlog - Medium
Martin Fowler
Martin Fowler
腾讯CDC
C
CERT Recently Published Vulnerability Notes
博客园 - 聂微东
L
LINUX DO - 热门话题
Y
Y Combinator Blog
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Microsoft Security Blog
Microsoft Security Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
WordPress大学
WordPress大学
C
Cisco Blogs
A
Arctic Wolf
Latest news
Latest news
Jina AI
Jina AI
P
Proofpoint News Feed
博客园 - 叶小钗
Vercel News
Vercel News
T
Threat Research - Cisco Blogs
博客园 - 三生石上(FineUI控件)
K
Kaspersky official blog
C
Check Point Blog
H
Heimdal Security Blog
博客园 - Franky
小众软件
小众软件
The Register - Security
The Register - Security
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Google DeepMind News
Google DeepMind News
AWS News Blog
AWS News Blog
The Hacker News
The Hacker News
T
The Exploit Database - CXSecurity.com
aimingoo的专栏
aimingoo的专栏
Project Zero
Project Zero
G
GRAHAM CLULEY
爱范儿
爱范儿
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Scott Helme
Scott Helme
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
NISL@THU
NISL@THU

Hacker News - Newest: "LLM"

GitHub - lechmazur/position_bias: A benchmark for testing whether LLM judges keep the same preference when two lightly edited versions of the same story are shown in opposite orders. Flex routing (EU and EFTA) Dark Factories: Retooling for LLM Velocity Ask HN: What would be the impact of a LLM output injection attack? GitHub - AronDaron/dataset-generator: No-code desktop app for generating high-quality synthetic datasets to fine-tune LLMs — plan-then-execute pipeline, LLM-as-judge, HuggingFace upload. GitHub - Oaklight/llm-rosetta: Production-ready LLM API translation layer for Python — bidirectional conversion between OpenAI, Anthropic & Google formats via hub-and-spoke IR. Optional API gateway. Streaming & non-streaming. Zero core deps. Contributions welcome! GitHub - browser-use/browser-harness: Self-healing browser harness that enables LLMs to complete any task. GitHub - moeen-mahmud/remen: Remen turns thoughts into something you can return to Analyzing 156 LLM Launch Posts on Hacker News ChatGPT vs Gemini vs Claude: The Best LLM Subscription You Should Buy GitHub - salaamalykum/quran-semantic-search: High-density RAG Semantic Search Engine & Quran Corpus (GEO/SEO Architecture) GitHub - NVIDIA/TensorRT-LLM: TensorRT LLM provides users with an easy-to-use Python API to define Large Language Models (LLMs) and supports state-of-the-art optimizations to perform inference efficiently on NVIDIA GPUs. TensorRT LLM also contains components to create Python and C++ runtimes that orchestrate the inference execution in a performant way. The State of LLM Bug Bounties in 2026 Operational Readiness Criteria for Tool-Using LLM Agents Meshcore: Architecture for a Decentralized P2P LLM Inference Network How an LLM becomes more coherent as we train it GitHub - seetrex-ai/laimark GitHub - Jossifresben/BibCrit: AI-assited biblical textual criticism GitHub - wastedcode/memex: File system based wiki, maintained by Claude 99helpers.com GitHub - cliver-project/AITrigram GitHub - unbody-io/adapt: A self-evolving memory layer for AI agents. GitHub - hb20007/awesome-gen-ai-fails: A list of incidents where reliance on generative AI and LLMs resulted in harm to companies, individuals, or society GitHub - nevenkordic/localmind: Run any local LLM with persistent memory and context. CLI agent over Ollama with SQLite-backed hybrid recall. No cloud. Ask HN: What are the machine requirements for a LLM like Llama-3.1-8B? Faster LLM Inference via Sequential Monte Carlo grpo explained: group relative policy optimization for llm finetuning - cgft Stop comparing price per million tokens: the hidden LLM API costs · TensorZero Andrej Karpathy's LLM Wiki Is a Bad Idea GitHub - GG-QandV/mnemostroma: Offline RAM-first cognitive leer/coprocessor for AI agents and robotics. Solves "Context Abandonment" with 20-80ms latency using a dual-thread biomimetic memory architecture (ONNX + SQLite WAL). mempalace/agent at agent · skorotkiewicz/mempalace GitHub - Nyquest-ai/nyquest-rust-fullstack-pub: Nyquest — Semantic Compression Proxy for LLMs. 350+ rules, local LLM stage, 15-75% token savings. Full Rust stack. GitHub - TheoV823/mneme: Enforce architectural decisions in AI-assisted development. GitHub - klemenvod/TokenBrawl: A 1v1 Bomberman-style game where two LLM agents play autonomously against each other. No human plays — you watch the AIs fight. Each agent receives a text description of the board state, reasons about it, and outputs a move as JSON. The game engine executes it. Introducing the Common AI Provider: LLM and AI Agent Support for Apache Airflow Power Circuit AI: Designing Power Electronic Circuits for Motor Drives with Generative Artificial Intelligence Ask HN: How to program with IDE and LLM on CPU locally? Show HN: Agent-cache – Multi-tier LLM/tool/session caching for Valkey and Redis Bonsai 1-bit WebGPU - a Hugging Face Space by webml-community The LLM Fallacy: Misattribution in AI-Assisted Cognitive Workflows Ask HN: Simple tooling for local LLM code critique without IDE integration? Can a General LLM Diagnose a DICOM Slice? A 10-Case Public Benchmark Charts-of-Thought: Enhancing LLM Visualization Literacy (PDF, 2026) GitHub - Mesh-LLM/mesh-llm: Distributed AI/LLM for the people. Share compute privately or publicly to power your agents and chat. GitHub - seamus-brady/springdrift: A persistent runtime for long-lived LLM agents Writing an LLM from scratch, part 32k -- Interventions: training a better model locally with gradient accumulation Ask HN: Which LLM model and agentic CLI are you using for local development? GitHub - wayneColt/modelcascade: Route local. Escalate smart. Never overspend. Open-source multi-model cascade routing for autonomous agents. LLM pricing is 100x harder than you think GitHub - asakin/llm-primer: Pre-warmed Claude Code sessions in tmux. No startup wait. GitHub - EggerMarc/chat-rs: A multi-provider LLM framework for Rust. GitHub - SynapseKit/SynapseKit: Minimal, async-first Python framework for production LLM apps- 2 hard deps, no magic, no SaaS. A Claude Skill that Makes LLM Paragraphs More Bearable Does Gas Town 'steal' usage from users' LLM credits & paid services to improve itself? What's Claude Code Actually Doing? Open the Black Box with the Arthur Engine Milla Jovovich's New Open Source LLM Memory App and the Dark Code Problem Your intuition of LLM token usage might be wrong Show HN: Bloomberg Terminal for LLM ops – free and open source GitHub - 0xchamin/mcptube: Transform YouTube videos into a compounding knowledge base with transcripts, vision analysis, and agentic search. Works as an MCP server for Claude, Copilot & more. Show HN: Open KB: Open LLM Knowledge Base Your LLM is a compiler, not a runtime GitHub - sapountzis/Unslop: A Web Feed That Deserves You crates.io: Rust Package Registry Beyond Karpathy's LLM-Wiki: The Necessity of Cognitive Governance GitHub - amitshekhariitbhu/llm-internals: Learn LLM internals step by step - from tokenization to attention to inference optimization. GitHub - parallem-ai/parallem: An expressive library for running agents with the Batch API. GitHub - stfurkan/pi-llm LLM-Wiki Show HN: Formal – Formal verification for AI-generated code using Lean 4 LRTS – Regression testing for LLM prompts (open source, local-first) LLM Wiki Skill: Build a Second Brain with Claude Code and Obsidian I built an LLM Wiki and RAG solution: here's a demo for a security KB The biggest advance in AI since the LLM Predict-Rlm: The LLM Runtime That Lets Models Write Their Own Control Flow the-synthetic-library/the-synthetic-mind at main · joshferrer1/the-synthetic-library GitHub - yisding/reviewwiggum GitHub - Donnyb369/mcp-spine: Context Minifier & State Guard — Local-first MCP middleware proxy GitHub - Beledarian/wgpu-llm: A from-scratch LLM inference engine that uses wgpu (the cross-platform WebGPU implementation) to dispatch WGSL compute shaders for every math operation a Transformer needs. No CUDA. No Python. No massive framework dependencies. Just Rust, raw shaders, and your GPU. GitHub - anitiue/Hindsight: An experience-driven self-improvement framework for LLM agents — 基于经验的 LLM Agent 自我改进框架 GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. GitHub - alainnothere/AmdPerformanceTesting: Amd Performance Testing Ask HN: Is a purely Markdown-based CRM a terrible idea? Optimized for LLM agents Context Engineering - LLM Memory and Retrieval for AI Agents | Weaviate little_helper_tui/letter.md at main · sleepyeldrazi/little_helper_tui GitHub - EvanZhouDev/umr: The Unified Model Registry for all your local AI apps. GitHub - JordanCT/VigIA-Orchestrator Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain A Taxonomy of RL Environments for LLM Agents Llama LLM Network Feture GitHub - genedeng-ca/ai-mac-migration: AI-powered Mac-to-Mac migration tool - replace Apple Migration Assistant with intelligent, selective transfer using local LLMs GitHub - lunargate-ai/gateway: High-performance self-hosted AI gateway (OpenAI-compatible) with routing, retries, and streaming GitHub - AuthBits/webmcp: A lightweight, prompt-driven MCP web research server for high-quality LLM powered information extraction. Externalization in LLM Agents: A Unified Review of Memory, Skills, Protocols and Harness Engineering Springdrift: An Auditable Persistent Runtime for LLM Agents with Case-Based Memory, Normative Safety, and Ambient Self-Perception High-Stakes Personalization: Rethinking LLM Customization for Individual Investor Decision-Making From Static Templates to Dynamic Runtime Graphs: A Survey of Workflow Optimization for LLM Agents HUOZIIME: An On-Device LLM-enhanced Input Method for Deep Personalization TIDE: Token-Informed Depth Execution for Per-Token Early Exit in LLM Inference Characterizing WebGPU Dispatch Overhead for LLM Inference Across Four GPU Vendors, Three Backends, and Three Browsers LLM Targeted Underperformance Disproportionately Impacts Vulnerable Users
scraping-wiki/index.md at main · TheWebScrapingClub/scraping-wiki
PigiVinci83 · 2026-04-22 · via Hacker News - Newest: "LLM"

TWSC Wiki Index

Last updated: 2026-06-11

Visual maps and views

  • canvases/: JSON Canvas (.canvas) visual maps of landscapes and ecosystems
    • agentic-browsers-landscape-2026.canvas
  • views/: Obsidian Bases (.base) live queries over wiki content
    • all-entities.base — see file for details
    • anti-bot-vendors.base — see file for details
    • recently-touched.base — see file for details
    • tools-and-browsers.base — see file for details

Entities

Anti-bot systems

  • ai-agent-reader-page — This page is designed to present different content versions of a web page, distinguishing between what a human reader sees and what a software agent reads.
  • Akamai Bot Manager — TLS/JA3-heavy detection with behavioral JS sensor. Silent drop on mismatch. Nike.com catalog uses Akamai only; TLS impersonation sufficient.
  • AWS WAF — Amazon WAF with JavaScript challenge. Cookie factory pattern works: browser gets aws-waf-token, Scrapy reuses it.
  • bot-detection-system — A bot detection system separates real users from unwanted automation by employing probabilistic scoring rather than relying on a single check.
  • claw-patrol — Claw Patrol is a security firewall designed to sit between agents and production environments.
  • Cloudflare — Multi-layer defense (TLS, JSD, Turnstile, ML scoring). Most tested anti-bot in TWSC corpus.
  • cloudflare-bot-management — BotScope is a platform designed to audit anti-agentic defenses for any website, utilizing advanced heuristics to detect anti-bot and anti-agent measures with precision.
  • Datadome — Behavioral analysis focus. Hermes.com is the canonical hard target. Chrome leaks automation signals that Firefox/Brave do not.
  • F5 Bot Defense — Enterprise anti-bot from F5 Networks. AI/behavioral focus. Second largest by market share (2022).
  • Kasada — Australian company. 429 signature. Hardware fingerprinting. Zero-trust first-request philosophy.
  • PerimeterX (HUMAN Bot Defender) — Now HUMAN Security. More IP-focused than fingerprint-focused (as of 2023). Scrapy Impersonate documented as a working bypass (2024).
  • reCAPTCHA — Google CAPTCHA system (v1/v2/v3). v3 is invisible risk scoring. Camoufox bypasses it; open-source token extractors do not.
  • sec-ch-ua-form-factors — A new HTTP client hint supported by Chrome that describes the user's device type (e.g., Desktop, Mob
  • selenium-headless-chrome-detection — Describes four methods to detect bots using Selenium running in headless Chrome environments.

Browsers

  • browserbase-chrome — Browserbase Chrome is utilized for running real-browser Quality Assurance (QA) against deployed previews of projects.
  • camoufox-reverse — A Camoufox fork (WhiteNightShadow) that adds an engine-level PropertyTracer recording which DOM getters a page reads. A reverse-engineering instrument, not a stealth build. TWSC used it to watch Datadome read canvas/WebGL/navigator on leboncoin.
  • chromiumfish — ChromiumFish is a stealth Chromium fork designed to present a consistent browser identity through fingerprint hardening.
  • invisible-playwright — invisible_playwright is a patched replacement for Playwright designed specifically for Firefox that is engineered to pass advanced bot detection tests.
  • konform-browser — Konform Browser is a stealth browser based on Firefox ESR for web scraping and automation.
  • lightpanda — Lightpanda is a browser built for AI and automation, offering faster execution and lower memory usag
  • rayobrowse — Rayobyte's stealth Chromium fork. Closed-source, Docker-based, CDP compatible. C++ patching. 100% benchmark score. Beta (2026).

Proxy networks and tools

  • atproxy — atproxy is a program written in Rust designed to transparently proxy TCP traffic originating from an Android application.
  • blanktrace — A cross-platform Rust CLI proxy that anonymizes browser traffic by randomizing digital fingerprints
  • clashmac — A macOS native proxy tool with real-time traffic monitoring, topology visualization, and multi-hop t
  • firehol — A community-driven project that aggregates multiple IP lists, including open proxies, Tor exit nodes
  • hysteria — Hysteria is a powerful, lightning fast, and censorship-resistant proxy.
  • ipidea — A residential proxy network that enrolled 9 million Android devices into a botnet.
  • kampala — Kampala is a tool for intercepting and automating web traffic.
  • lte-modems — The LTE modems serve as the physical source for a production residential IP proxy pool.
  • meshscrape — A service that offers a distributed IP network for web scraping to avoid blocks and rate limits.
  • momoproxy — MoMoProxy is a service that provides free and paid proxy lists for various protocols, including HTTP, HTTPS, and SOCKS.
  • ncro — Nix Cache Route Optimizer, or ncro, is a small HTTP proxy written in Rust that functions as an intermediary between the nix-daemon and configured substituters.
  • nyxproxy — A tool for building a self-hosted, rotating proxy gateway using IPv6 /64 subnets.
  • pangolin — Pangolin is a peer-to-peer alternative to Cloudflare Tunnels that utilizes a client-to-site VPN combined with an edge reverse proxy to provide cloaked HTTPS traffic.
  • productivityproxy — ProductivityProxy is a local macOS application that runs a proxy on the user's machine, allowing them to define custom request and response policies using a visual graph interface.
  • squid — Squid is a network proxy server that was historically used by IT administrators to block various sites deemed unproductive or out of bounds for education.
  • vnc2go — VNC2Go is described as a private, in-browser service that routes traffic through a random proxy.

Tools and libraries

  • ag2b — AG2B (Agent to Browser) is a client-side agentic runtime designed to allow an agent to execute its tasks directly within the user's browser.
  • aiohttp — AIOHTTP is an asynchronous HTTP Client/Server for asyncio and Python, used for creating bots and scr
  • Algolia — Client-side search API. EndClothing full catalog with no anti-bot despite Akamai on site.
  • AnyCrawl — MIT-licensed LLM-ready scraping API. JSON extraction mode, MCP server. No anti-bot bypass. Comparable to FireCrawl.
  • beautiful-code-screenshots-codeshot — CodeShot is an API toolkit designed for developers and AI agents that facilitates code screenshotting, website scraping, and link preview generation.
  • botasaurus — Python scraping framework with decorator-based API. Works locally against Cloudflare/DataDome/Kasada. Fails from server (SwiftShader exposure).
  • browser-use — Browser Use is a cloud-based browser automation platform that aims to create undetectable browsers.
  • camoufox — Custom Firefox build. Best performer on strict Cloudflare/DataDome configs. Bypasses reCAPTCHA v3 (2025).
  • canvas-fingerprint-defender — A browser extension that defends against canvas fingerprinting.
  • chaser-oxide — A Rust-based fork of chromiumoxide for hardened, undetectable browser automation.
  • cheerio — A library used in the Node.js environment for parsing HTML and extracting data from web pages.
  • childflow — childflow is a per-command-tree network sandbox designed for Linux environments.
  • clashmax — ClashMax is a native macOS graphical client built with SwiftUI that serves as a Mihomo proxy client.
  • crawl4ai — An open-source web crawler and scraper for LLM-friendly Markdown output.
  • curl-cffi — Python HTTP client with TLS impersonation. Critical for hybrid scraping. Also covers scrapy-impersonate and hrequests.
  • device-and-browser-info — A platform offering tools and articles for browser fingerprinting and bot detection.
  • dolphin-anty — Anti-detect browser for multi-account workflows. Scenarios builder, Profile Synchronizer, REST API. Free tier (10 profiles).
  • envoy — Envoy is an infrastructure component discussed in the context of Reddit's feed serving path.
  • facebookexternalhit — A specific user agent string used by the Facebook crawler to retrieve information about shared conte
  • feedstock — A high-performance web crawler and scraper for TypeScript, powered by Bun and Playwright.
  • fingerprinterjs — FingerprinterJS v2.0 is a browser fingerprinting and bot detection tool.
  • fpscanner — A lightweight browser fingerprinting library for bot detection.
  • ghost-cursor — Bezier/Fitts's Law mouse movement for Playwright. OxyMouse is a newer alternative with Gaussian and Perlin noise options.
  • go-http-client — An HTTP(s) client implemented in Golang used to make HTTP(s) requests from a Golang program.
  • gologin — Anti-detect browser, Orbita engine. Top benchmark performer 223/260 in 2024.
  • goscrapy — A high-performance web scraping framework for Go, designed with the familiar architecture of Python'
  • groxy — Groxy is a small Go library designed for building forward proxy servers.
  • guestlist-tools — guestlist is a free Python library and HTTP API designed to check whether AI agents and computer-use agents can access specific websites.
  • hodor — Hodor is a tiny reverse proxy written in Rust designed to gate web applications behind a single shared password.
  • hRequests — TLS-fingerprinted HTTP with embedded headless browser. Akamai/Cloudflare/PX pass; DataDome/Kasada fail.
  • iherb-cli — A Rust command-line tool for querying product data from iHerb using a headless browser.
  • intuned-agent — Intuned Agent is an agent designed to build, deploy, and maintain production-ready Playwright code for scrapers, crawlers, and RPA automations.
  • is-antibot — A library that detects antibot and CAPTCHA challenges from 30+ providers using signals.
  • ja3proxy — Go-based TLS Client Hello rewriter via uTLS.
  • Kadoa — Commercial AI scraping workflow platform. UI-driven, anti-bot included, 5 proxy locations.
  • kameleo — Anti-detect browser. Junglefox + Chroma. First to support Selenium + Playwright + Puppeteer simultaneously.
  • kimurai — A Ruby-based web scraping framework that uses AI to assist in data extraction.
  • libretto — A toolkit for building robust web integrations and maintaining browser automations.
  • linkedinbot — A scraper used by LinkedIn to gather information about shared URLs in posts or messages.
  • llmcap — LLMCap is a service designed to enforce hard dollar caps on LLM API calls across various providers.
  • lucidextractor — An enterprise web scraping and SEO analysis platform.
  • masterhttprelayvpn — A domain-fronted HTTP/SOCKS5 proxy tool that tunnels traffic through Google Apps Script for scraping
  • mitmproxy — mitmproxy is a small interceptor written in Python used to build a proxy, exemplified by the simple-proxy project.
  • mochi-js — mochi.js is a Bun-native, raw-CDP browser automation framework designed to create relationally-coherent fingerprints.
  • nodejs-based-scraper — A previous project mentioned in the series used NodeJS to collect temporary phone numbers and messag
  • Nodriver — Chrome automation without WebDriver layer. Passes CDP tests natively but cannot forge hardware fingerprint.
  • obscrd — An open-source content protection system for React that scrambles HTML and blocks AI crawlers.
  • obscura — A headless browser engine written in Rust for web scraping and AI agent automation.
  • open-bullet-2 — A credential stuffing tool that can be used for web scraping and automation.
  • owl-browser — A self-hosted browser automation engine for automation at scale with 256 parallel contexts and undet
  • playwright — Microsoft browser automation. Detectable by default, patchable via Patchright/Undetected Playwright.
  • proxelar — A Rust-based MITM proxy for intercepting and modifying HTTP/HTTPS traffic.
  • proxy-server — A service that brokers connections between the browser and phone.
  • puppeteer — A Node.js library which provides a high-level API to control Chrome or Chromium over the DevTools Pr
  • pydoll — Async CDP Chrome automation. Stability issues in 2026 benchmarks.
  • python-requests — A Python HTTP library for making HTTP(s) requests.
  • reader — An open-source, production-grade web scraping engine built for LLMs.
  • resurf — Resurf is a deterministic and reproducible test environment designed for systematically testing AI browser agents against realistic, stateful environments.
  • ricci-flow-ai-web-scraper — A Chrome extension for AI-powered web scraping that extracts data from websites and exports it to Ex
  • roxy — Roxy is a feature-rich RSS proxy written in Go that is designed to combine multiple RSS feeds into a single, queryable feed.
  • ScrapeGraphAI — LLM-powered scraping library and commercial API. Non-deterministic, best for horizontal multi-site extraction.
  • scrapingduck — A scraping API that handles IP rotation, JavaScript rendering, and provides a free tier for web scra
  • scrapingsandbox — A web scraping sandbox for learning and testing web scraping techniques.
  • scrapling — Python library with three fetchers (static, dynamic, stealth). 1735x faster than BS4. Fetcher class achieves 100% on Nike/Akamai without browser overhead.
  • Scrapoxy — Open-source proxy aggregator. Unifies providers and cloud VM egress. ~20% cost savings vs. pure cloud.
  • scrapy — Scrapy is a Python library that is used in typical web scraping setups.
  • sensecollect — SenseCollect is a self-service platform designed to simplify web data extraction for lead generation and market intelligence.
  • simple-selenium-chrome-crawler — A Python script that uses Selenium and Chrome to crawl web pages and extract links.
  • spidersuite — A powerful web crawler and security testing tool for penetration testers and security researchers.
  • spidra — A web scraping platform that uses AI to extract data from websites.
  • tadpole — A language for writing declarative, modular scraping code.
  • transparenttorproxy — A Linux CLI utility that transparently routes all system traffic through the Tor network using nftab
  • uaparser-js — A JavaScript library recommended for parsing user agents to extract browser and OS information.
  • undetected-chromedriver — Patched Selenium. Stagnant repo, succeeded by Nodriver/Zendriver.
  • webassembly-simd — WebAssembly SIMD refers to Single Instruction, Multiple Data operations introduced to the WebAssembly specification.
  • wick — Wick is an open-source tool that allows AI agents to access web pages as if they were real browsers.
  • wxpath — wxpath is a Python library for declarative web crawling using XPath.

Web Unblockers

  • Oxylabs Web Unblocker — 96/100 overall. Cheapest on Kasada benchmark ($0.10/101 URLs). Best dashboard.
  • Smartproxy Site Unblocker — 80/100 overall. $12/GB. Kasada improved from 0% (2023) to 92% (2024).
  • Zyte API — 100/100 with browser rendering. Fails Kasada. Per-request dynamic pricing. Scrapy integration via scrapy-zyte-api.

Concepts

  • ai-scraping-assistants — AI scraping assistants are setups where a large language model is embedded into the development workflow to generate, modify, or repair scrapers — rather than to extract data at runtime. The LLM acts as an accelerator for the developer, not as a replacement for the scraper itself. The canonical current form is an AI-powered IDE (Cursor) connected to custom tooling via the Model Context Protocol (MCP).
  • Anti-Detect Browsers — Anti-detect browsers are Chromium or Firefox forks engineered to present a consistent, plausible fingerprint from a database of real device profiles. Unlike standard browser automation which exposes the actual hardware and software environment of the machine running the scraper, anti-detect browsers attach a pre-built fingerprint from a real consumer device to the automation session, regardless of the actual underlying hardware.
  • API Scraping — API scraping is the practice of identifying and replicating the internal HTTP requests that a browser or app makes to fetch data, bypassing HTML parsing entirely. The data is already structured, usually JSON, and the endpoint is observable by monitoring network traffic in DevTools or a proxy tool.
  • Bot Detection — Bot detection is the umbrella discipline of identifying automated traffic on a website and distinguishing it from legitimate human visitors. It sits opposite to web scraping: the same fingerprints, behaviors, and protocol-level traces that scrapers try to hide are what detection systems look for. Reading the detection literature is the most direct way for a scraper engineer to understand which signals actually leak.
  • browser-fingerprinting — A stateless, cookieless tracking mechanism that identifies browsers by collecting and hashing the outputs of browser APIs. Unlike cookies, fingerprints require no storage on the client and persist across sessions, incognito modes, and cookie clears.
  • canvas-fingerprinting — Canvas fingerprinting is a stateless tracking technique that identifies a device by drawing graphics off-screen and hashing the resulting pixels. Two machines asked to render the same text and shapes produce subtly different pixel output, because the final image depends on the GPU, the graphics driver, the font rasterizer, and the anti-aliasing settings of that specific machine. The hash of those pixels becomes a high-entropy identifier that needs no cookie and survives incognito mode and cache clears.
  • cdp-detection — A detection technique that identifies browser automation by observing the Chrome DevTools Protocol (CDP) commands sent to the browser during page load. CDP is the underlying control protocol used by Playwright, Puppeteer, Selenium (on Chromium), and related frameworks. Anti-bot systems can detect its presence independently of any JavaScript-level signals.
  • Certificate Pinning — Certificate pinning is a security mechanism in mobile apps that causes the app to reject any TLS certificate that does not match a specific expected certificate or public key, regardless of whether the device's OS trusts the certificate authority. It prevents man-in-the-middle inspection even on a device where the inspector's root CA has been installed.
  • cookie-session-reuse — A technique where anti-bot clearance cookies obtained through one browser session are extracted and reused across multiple subsequent requests made by a browserless HTTP client. The browser absorbs the cost of the challenge once; the HTTP client amortizes that cost across many requests.
  • homepage-first-navigation — A navigation pattern where a scraper visits the site's homepage (or another entry-point URL) before accessing any deep content pages. The purpose is to establish session state — cookies, fingerprint checks, and anti-bot challenges — in the same sequence a real user would encounter them.
  • HTTP Performance in Scraping — HTTP performance optimization for scraping covers the set of techniques that reduce execution time, bandwidth cost, and infrastructure requirements without changing the data extracted. The main levers are concurrency, protocol selection, caching, and retry behavior.
  • hybrid-scraping — An architecture that uses a full browser only for the portions of a session that require anti-bot clearance, then hands off to a lightweight HTTP client for all subsequent data requests. The browser handles authentication and challenge resolution; the HTTP client handles scale.
  • inventory-tracking — Inventory tracking through web scraping is the practice of monitoring the stock levels of products on e-commerce sites and retail websites by extracting data that those sites expose for operational purposes — usually to power their own availability and pickup features. The extracted data is most valuable as a repeated time series rather than a single snapshot.
  • llm-scraping — Using a large language model to extract structured data from web pages, replacing or supplementing traditional CSS selector or XPath-based parsing. The LLM interprets the page content — either raw HTML, cleaned text, or a screenshot — and returns structured output matching a defined schema. A separate but related use case is using LLMs to generate scraper code rather than to parse data at runtime.
  • location-data-scraping — Location data scraping covers the techniques for extracting data that is spatially indexed — store locators, accommodation listings, restaurant maps, delivery zones — where the API requires geographic inputs (coordinates, radius, or bounding box) and returns data for the area specified. The central challenge is ensuring complete geographic coverage without issuing redundant or missing queries.
  • ML-Based Bot Detection — ML-based bot detection refers to the use of machine learning models to classify web traffic as human or automated. Unlike rule-based systems (IP blocklists, simple rate limits, user-agent checks), ML models learn from behavioral patterns across large traffic datasets and can identify subtle automation signals that static rules miss.
  • Mobile App Scraping — Mobile app scraping is the practice of intercepting the network traffic generated by a mobile app and replicating the underlying API calls in a scraper. Since mobile apps communicate with backends through the same HTTP/HTTPS protocol as browsers, the data they fetch can be captured and reproduced.
  • Mobile Proxy Farming — Mobile proxy farming is the practice of building and operating infrastructure that routes proxy traffic through real cellular network connections — typically USB modems or SIM-equipped hardware — to produce genuine mobile IP addresses with CGNAT-level trust properties. Unlike SDK-sourced residential proxies, which borrow device connections from consumer apps, a proxy farm gives the operator full control over the hardware, IP rotation, and connectivity.
  • Mouse Movement Emulation — Mouse movement emulation is the practice of generating pointer trajectories that match the statistical properties of human hand movement during browser automation. Anti-bot systems that monitor mouse events can distinguish between the instantaneous or straight-line movements produced by automation frameworks and the curved, velocity-varied paths that humans produce. Emulation attempts to make automated mouse behavior indistinguishable from real user input at the event listener level.
  • proxy-fundamentals — Proxies route outbound HTTP requests through an intermediate IP address, changing the apparent origin of the request. In a scraping context, the proxy's IP reputation, ASN, and network type are often more consequential than any browser-level signal.
  • Scraping Infrastructure — Scraping infrastructure encompasses the compute, storage, scheduling, monitoring, and proxy management systems that run scrapers reliably at scale. The choice of infrastructure directly determines cost structure, IP rotation capability, and operational overhead. A scraper that works on a laptop fails at 100,000 requests per day without the right infrastructure beneath it.
  • scraping-economics — The economics of web scraping encompass the cost structure of running scraping operations, the business models for monetizing scraped data, and the market dynamics of the web data industry. The industry spans two distinct roles: those who sell the infrastructure and tools that enable scraping ("selling shovels"), and those who scrape and sell the resulting data.
  • tls-fingerprinting — A detection technique that identifies the client making an HTTPS request by analyzing the structure of its TLS ClientHello message, before any application-layer data is exchanged. The most common implementation is JA3, which produces an MD5 hash from five fields in the handshake: TLS version, cipher suite IDs, extension IDs, elliptic curve IDs, and elliptic curve format IDs.
  • Web Unblockers — A web unblocker is a managed API that accepts a target URL and returns the page content after transparently handling IP rotation, CAPTCHA solving, browser fingerprinting, and anti-bot bypass on the provider's infrastructure. The caller makes a standard HTTP request; the provider does the work of getting through the target's defenses.
  • web-scraping-legal-landscape — The legal landscape for web scraping is a contested, evolving body of case law and regulation across multiple jurisdictions. No single statute governs it. Whether any particular scraping operation is legal depends on the interaction of: the Computer Fraud and Abuse Act (CFAA), the Digital Millennium Copyright Act (DMCA), copyright law, contract law (Terms of Service), and in Europe, the GDPR. The area has shifted materially between 2022 and 2026, with courts increasingly being asked to define where public data access ends and illegal circumvention begins.
  • WebDriver vs CDP vs WebDriver BiDi — Three distinct protocols exist for controlling a browser programmatically. They differ in design origin, transport mechanism, browser support, and what detection surface they expose. Choosing the wrong one for a scraping context can introduce detection vectors that are independent of any fingerprint or behavior emulation.
  • webrtc-ip-leak — A WebRTC IP leak is when a page learns a client's real LAN or WAN IP address through the WebRTC API, even though the client's HTTP traffic is routed through a proxy. It happens because WebRTC gathers network candidates over UDP, on a path that an ordinary HTTP proxy does not control. For a scraper this is a coherence failure: the site sees one IP for the page requests (the proxy) and a different IP for WebRTC (the real machine), and the mismatch is a strong automation and evasion signal.
  • WebSocket Bot Detection — WebSocket bot detection refers to anti-bot techniques that exploit the stateful, persistent nature of the WebSocket protocol to identify automated clients. Because WebSocket connections are long-lived and bidirectional, servers can monitor client behavior continuously over the connection lifetime, enabling detection patterns that are not possible with stateless HTTP.
  • websocket-scraping — WebSocket scraping is the practice of connecting to a site's WebSocket endpoint directly, subscribing to the same channels the browser subscribes to, and receiving the same real-time data stream. Unlike HTTP scraping, which is request-response, WebSocket connections are persistent and bidirectional. The server pushes updates without the client polling.

Comparisons

  • Anti-Detect Browser Benchmark 2024 — Eight commercial anti-detect browsers evaluated against a standardized fingerprint detection test suite. The comparison measures how convincingly each browser impersonates a real consumer device when probed by the same fingerprinting methods that anti-bot systems use.
  • Camoufox vs its forks — After development of Camoufox moved to CloverLabs in 2026, its public repository grew past 750 forks. Most are mirror bots with no commits of their own. This page compares stock Camoufox against the three forks that actually change anti-detect behavior, and records which one to run against a real target. The comparison is grounded in our 2026-06 testing against Datadome on leboncoin.fr, not on the forks' stated goals.
  • Firefox-based vs Chrome-based Stealth Tools — Firefox-based stealth tools (primarily Camoufox) against Chrome-based stealth tools (Pydoll, undetected-chromedriver, Patchright) for bypassing anti-bot systems. This comparison matters because the browser engine choice has a measurable impact on bypass success rates, independently of the stealth techniques applied on top.

Timelines

  • Cloudflare Bypass Evolution — How Cloudflare bypass techniques have evolved as Cloudflare has progressively tightened its defenses. This timeline tracks what worked, what stopped working, and what replaced it, based on TWSC's direct testing.