HackerTrans
TopNewTrendsCommentsPastAskShowJobs

seleniumbase

no profile record

Submissions

Stealthy Playwright Mode: Bypass CAPTCHAs and Bot-Detection [video]

youtube.com
5 points·by seleniumbase·7 месяцев назад·4 comments

High-speed CAPTCHA-bypass with Python / PyAutoGUI [video]

youtube.com
8 points·by seleniumbase·9 месяцев назад·1 comments

Web-scraping past bot-detection from GitHub Actions (e.g. Walmart prices)

github.com
11 points·by seleniumbase·10 месяцев назад·0 comments

SeleniumBase: Python APIs for web automation and bypassing bot-detection

github.com
177 points·by seleniumbase·2 года назад·67 comments

comments

seleniumbase
·7 месяцев назад·discuss
Looks like that one hasn't received any major updates in awhile.
seleniumbase
·7 месяцев назад·discuss
The secret ingredient is to use Playwright's `connect_over_cdp()` method to connect to an existing browser that is already stealthy. Playwright can then perform its usual actions without being detected by anti-bot services. Example setup: `browser = playwright.chromium.connect_over_cdp("http://localhost:9222")`
seleniumbase
·9 месяцев назад·discuss
Mix in some Python, PyAutoGUI, SeleniumBase, ThreadPoolExecutor, and then you get some serious multi-threaded CAPTCHA-bypass.
seleniumbase
·2 года назад·discuss
You can set `browser="firefox"`, but there's no stealth mode for it.
seleniumbase
·2 года назад·discuss
Here's an example that bypasses Kasada on the Hyatt website: https://github.com/seleniumbase/SeleniumBase/blob/master/exa...
seleniumbase
·2 года назад·discuss
It's OK. No offense was taken. It almost looked like the conversation was expanding into a "Python vs Java" debate, but (thankfully) it did not. I've seen both worlds. I've seen advantages to both. I decided to stay in the Python world.
seleniumbase
·2 года назад·discuss
Thank you!
seleniumbase
·2 года назад·discuss
The biggest issue with going from a home machine to a server is that you may lose having a "residential IP address", which is something that you'll want to have in order to prevent automation from being blocked outright. Hence the popularity of residential proxies. However, some servers live in a residential IP space, which makes them optimal for running web automation in. As was partially covered in https://www.youtube.com/watch?v=Mr90iQmNsKM, GitHub Actions appears to live in a "Residential IP space", which makes it a good server choice for web automation.
seleniumbase
·2 года назад·discuss
The "Python vs Java" debate is probably one for a different Hacker News post. :)
seleniumbase
·2 года назад·discuss
SeleniumBase CDP Mode uses `DOM.scrollIntoViewIfNeeded` (https://chromedevtools.github.io/devtools-protocol/tot/DOM/#...), so it only scrolls when elements are offscreen, rather than always scrolling. This reduces the number of scrolls needed. Also, it seems that most anti-bot services are not looking at scrolling as a way of identifying users.
seleniumbase
·2 года назад·discuss
Patching chromedriver is a lot easier than patching the browser. Plus, if you're just using a regular Chrome browser for the automation, then there's nothing to patch. Automated CDP calls aren't detectable if they don't leave any trace of automation activity. However, since Google created CDP, they might have ways of detecting automated CDP in ways that other services cannot.
seleniumbase
·2 года назад·discuss
There are live demos on YouTube of SeleniumBase bypassing CAPTCHAs (if you want see first): https://www.youtube.com/watch?v=Mr90iQmNsKM
seleniumbase
·2 года назад·discuss
There's actually a lot of examples being used for testing (https://github.com/seleniumbase/SeleniumBase/tree/master/exa...), which are run regularly (locally and in GitHub Actions). Plus, a lot of major companies are using SeleniumBase: https://github.com/seleniumbase/SeleniumBase/blob/master/hel... (if something breaks, I find out quickly)
seleniumbase
·2 года назад·discuss
There's a reCAPTCHA on the Pokemon website. This SeleniumBase example bypassed it: https://github.com/seleniumbase/SeleniumBase/blob/master/exa...
seleniumbase
·2 года назад·discuss
Call it "legacy code" if you'd like. That specific part is from a less common feature for setting options when running on a Selenium Grid. The new CDP Mode isn't compatible with The Grid (since CDP Mode makes direct CDP API calls without making Selenium API calls).
seleniumbase
·2 года назад·discuss
That patches chromedriver, (which gets renamed to uc_driver), but patching by itself isn't enough to bypass bot-detection. SeleniumBase also sets specific Chrome options and modifies methods to use the Chrome Devtools Protocol.
seleniumbase
·2 года назад·discuss
With SeleniumBase, you can bypass CAPTCHAs with one line of code: `sb.uc_gui_click_captcha()`
seleniumbase
·2 года назад·discuss
That method came from code that I accepted in a PR from December 31, 2019: https://github.com/seleniumbase/SeleniumBase/pull/459 Not a true representation of most of the code today.
seleniumbase
·2 года назад·discuss
SeleniumBase modifies the webdriver so that it doesn't get detected when used alongside the CDP stealth mode and methods. It'll download chromedriver for you. Not sure what you mean by the multiple branches, as there's just the primary one. What 1000-line methods are you referring to? By "flags", do you mean the different command-line options available? As for Playwright, they aren't undetected: See https://github.com/microsoft/playwright/issues/23884#issueco... - "Playwright is an end-to-end testing framework, where we expect you test on your own environments. Bypassing any form of bot protection is not something we can act on. Thanks for your understanding." On the contrary, SeleniumBase is OK with bypassing bot detection: https://github.com/seleniumbase/SeleniumBase/blob/master/exa...