« All posts

Fortress MCP: A Stealth Browser That Lets AI Agents Bypass Blocks

Fortress MCP is an open-source, locally running MCP server that helps AI agents bypass anti-bot systems like Cloudflare and DataDome.

Fortress MCP, part of the Tilion project, is an MCP server that gives AI agents like Claude Code a way to break through anti-bot walls such as Cloudflare, DataDome, PerimeterX, or CAPTCHA challenges. When a normal fetch returns a 403, the agent can call Fortress tools to drive a real, recompiled Chromium instance on the user's own machine and IP, returning the page as clean JSON. Because stealth is implemented natively at the C++ engine level rather than via JS injection, the browser passes detection suites like Sannysoft, CreepJS, and BrowserScan as non-headless.

The project ships 29 tools covering protected page fetching, reader-mode markdown extraction, document conversion (PDF/DOCX/etc.), form interaction, site crawling, WAF fingerprinting, cookie/session persistence, and CAPTCHA solving. Tools are annotated for read/write safety, guarded against SSRF, and timeout-capped, with a pre-warmed browser giving ~100ms response on the first call. Published benchmarks show built-in fetch tools failing outright on JS-rendered pages or Reddit listings, while Fortress MCP completes the same tasks reliably and up to 12x faster.

Installation is via pip, with the engine downloading natively on Linux/Windows and running as a Docker container (Colima recommended) on macOS. Released under BSD-3, it plugs into MCP-compatible clients like Claude Desktop, Cursor, Cline, and Windsurf, and also exposes a CDP endpoint for custom Playwright or Puppeteer workflows. The project addresses a practical pain point for engineers building web-facing AI agents: reliably getting past bot detection without relying on third-party scraping APIs.

» SourceHashnode #17