A comprehensive open-source browser privacy tool that randomizes fingerprints, blocks cookies, and automatically identifies and blocks trackers
GitHub Repository: https://github.com/SoMaCoSF/browser-privacy-proxy
License: MIT (Educational Use)
Built with: Python 3.12, mitmproxy, SQLite
Every time you browse the web, you're being tracked. Not just with cookies (which are easy to block), but through sophisticated browser fingerprinting techniques that identify you even in "private" mode:
- User-Agent strings reveal your OS, browser, and version
- HTTP headers leak your language, timezone, and preferences
- Cookie tracking follows you across sites
- Third-party trackers build profiles of your behavior
- IP-based tracking links all your activity
Even with ad blockers and privacy extensions, your browser fingerprint remains relatively static and trackable. This tool addresses that by becoming a dynamic, ever-changing privacy shield between your browser and the internet.
Privacy Proxy sits between your browser and the internet as a local HTTPS proxy, intercepting and modifying traffic in real-time:
┌─────────────┐         ┌──────────────────┐         ┌──────────────┐
│   Browser   │────────▶│  Privacy Proxy   │────────▶│   Internet   │
│    (You)    │         │   (Anonymizer)   │         │  (Trackers)  │
└─────────────┘         ├──────────────────┤         └──────────────┘
                        │ • Randomize UA   │
                        │ • Block Cookies  │
                        │ • Strip Headers  │
                        │ • Log Trackers   │
                        │ • Auto-block     │
                        └──────────────────┘
graph TB
subgraph "Browser"
B[Web Browser]
end
subgraph "Privacy Proxy System"
PS[Proxy Server<br/>127.0.0.1:8080]
subgraph "Core Components"
FR[Fingerprint<br/>Randomizer]
CI[Cookie<br/>Interceptor]
TB[Traffic<br/>Blocker]
DH[Database<br/>Handler]
end
subgraph "Data Layer"
DB[(SQLite Database)]
end
subgraph "Management"
MC[Management CLI]
end
end
subgraph "Internet"
WS[Web Servers]
end
B -->|HTTP/HTTPS| PS
PS --> FR
PS --> CI
PS --> TB
FR --> DH
CI --> DH
TB --> DH
DH --> DB
MC -->|Query/Export| DB
PS -->|Modified Request| WS
WS -->|Response| PS
PS -->|Filtered Response| B
style PS fill:#4CAF50
style FR fill:#2196F3
style CI fill:#FF9800
style TB fill:#F44336
style DB fill:#9C27B0
Your browser fingerprint changes on every request (or at configurable intervals), which makes tracking based on request headers much harder:
- Random User-Agent (Chrome, Firefox, Safari, Edge - rotates between them)
- Random Accept-Language (en-US, de-DE, fr-FR, etc.)
- Random Accept-Encoding (gzip, deflate, br)
- Platform Randomization (Windows, macOS, Linux)
- DNT Header Randomization (Do Not Track)
- Strips Referer and tracking headers
4 Rotation Modes:
- every_request - New fingerprint on every single request (maximum privacy)
- interval - Rotate every N seconds (e.g., every 5 minutes)
- new_tab - Rotate when opening new tab (requires extension, planned)
- launch - Rotate only when browser starts (minimal mode)
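The rotation policy described above, as an added sketch (not the project's own code). The profile list, header values and class name are assumptions; each profile pairs a User-Agent with a matching platform so that the randomized fingerprint stays internally consistent.

```python
import random
import time

# Constructed profiles (assumption): User-Agent and platform always agree.
PROFILES = [
    ("Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0", "Windows"),
    ("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Safari/537.36", "macOS"),
    ("Mozilla/5.0 (X11; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0", "Linux"),
]
LANGUAGES = ["en-US,en;q=0.9", "de-DE,de;q=0.9", "fr-FR,fr;q=0.9"]
ENCODINGS = ["gzip, deflate, br", "gzip, deflate"]
MODES = ("every_request", "interval", "launch")  # new_tab needs the planned extension


class FingerprintRotator:
    def __init__(self, mode="interval", interval=300, clock=time.monotonic, rng=None):
        if mode not in MODES:
            raise ValueError(f"unsupported rotation_mode: {mode!r}")
        self.mode, self.interval, self.clock = mode, interval, clock
        self.rng = rng or random.Random()
        self.rotations = 0
        self._rotate("launch")  # every mode starts with a fresh fingerprint

    def _rotate(self, trigger):
        user_agent, platform = self.rng.choice(PROFILES)
        self.platform, self.trigger = platform, trigger  # kept for the rotation log
        self.headers = {
            "User-Agent": user_agent,
            "Accept-Language": self.rng.choice(LANGUAGES),
            "Accept-Encoding": self.rng.choice(ENCODINGS),
            "DNT": self.rng.choice(["0", "1"]),
        }
        self.rotated_at = self.clock()
        self.rotations += 1

    def _due(self):
        if self.mode == "every_request":
            return True
        if self.mode == "interval":
            return self.clock() - self.rotated_at >= self.interval
        return False  # "launch": keep the fingerprint chosen at start-up

    def apply(self, request_headers):
        """Return a copy of the headers with the current fingerprint applied."""
        if self._due():
            self._rotate(self.mode)
        # Drop Referer and the browser's own values, whatever their casing.
        drop = {"referer"} | {name.lower() for name in self.headers}
        out = {k: v for k, v in request_headers.items() if k.lower() not in drop}
        out.update(self.headers)
        return out
```

The clock and random generator are injectable so the interval behaviour can be checked without waiting.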
True "dev/null" behavior - cookies are intercepted and discarded before they ever reach your browser:
- Bidirectional blocking (request AND response)
- Pattern-based detection (identifies tracking cookies by name)
- All cookie attempts logged to database for analysis
- Whitelist support for sites you trust
Automatically learns and blocks trackers based on behavior:
- Pattern matching (blocks known trackers like google-analytics, doubleclick, facebook pixels)
- Hit-count based auto-blocking (if a domain attempts tracking 3+ times, it gets blocked)
- Database persistence (blocklist survives restarts)
- Export capability (export to hosts file, text, JSON)
Everything is logged for forensic analysis:
- Cookie attempts (who tried to track you, when, and how)
- Tracking domains/IPs (build a profile of tracking infrastructure)
- Request logs (full HTTP request history)
- Fingerprint rotations (when and how your fingerprint changed)
- Whitelisted domains (sites you explicitly trust)
Powerful command-line interface for monitoring and control:
# View statistics
python manage.py stats
# See what's being blocked
python manage.py domains --limit 50
python manage.py ips --limit 50
# Export blocklist
python manage.py export blocklist.txt --format hosts
# Whitelist a site
python manage.py whitelist mybank.com
Here's what happens to every request:
flowchart TD
Start([Browser Request]) --> CheckBlock{Check Traffic Blocker}
CheckBlock -->|Whitelisted| FingerprintCheck
CheckBlock -->|Domain Blocked| Block1[Kill Connection]
CheckBlock -->|IP Blocked| Block1
CheckBlock -->|Pattern Match| Block1
CheckBlock -->|Not Blocked| FingerprintCheck
Block1 --> LogBlock[Log Blocked Request]
LogBlock --> End1([Return 403/Kill])
FingerprintCheck{Should Rotate<br/>Fingerprint?} -->|Yes| GenFingerprint[Generate New<br/>Fingerprint]
FingerprintCheck -->|No| UseFingerprint[Use Current<br/>Fingerprint]
GenFingerprint --> LogFingerprint[Log to DB]
LogFingerprint --> ApplyFingerprint[Apply to Headers]
UseFingerprint --> ApplyFingerprint
ApplyFingerprint --> CheckCookies{Cookies in<br/>Request?}
CheckCookies -->|Yes| ParseCookies[Parse Cookies]
CheckCookies -->|No| LogRequest
ParseCookies --> CheckEachCookie{For Each Cookie}
CheckEachCookie --> CheckWhitelist{Whitelisted?}
CheckWhitelist -->|Yes| AllowCookie[Allow Cookie]
CheckWhitelist -->|No| CheckPattern{Matches<br/>Pattern?}
CheckPattern -->|Yes| BlockCookie[Block Cookie]
CheckPattern -->|No, but block_all=true| BlockCookie
CheckPattern -->|No, block_all=false| AllowCookie
BlockCookie --> LogCookie[Log to DB]
LogCookie --> TrackDomain[Track Domain/IP]
AllowCookie --> LogRequest
TrackDomain --> LogRequest
LogRequest[Log Request] --> ForwardRequest[Forward to Server]
ForwardRequest --> End2([Wait for Response])
style Start fill:#4CAF50
style End1 fill:#F44336
style End2 fill:#2196F3
style Block1 fill:#F44336
style BlockCookie fill:#FF9800
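The cookie branch of the flow above (whitelist, then name pattern, then block_all), applied to both the request Cookie header and response Set-Cookie headers. This is an added example, not the project's code; the name patterns and function names are assumptions, and the sample cookies in the test are the ones from this page's www.example.com walk-through.

```python
import re

# Assumed name patterns for tracking cookies; the page does not list its own.
TRACKING_COOKIE_PATTERNS = [re.compile(p, re.I) for p in
                            (r"^_ga", r"^_gid$", r"track", r"analytics")]


def is_whitelisted(host, whitelist):
    """True if host is a whitelisted domain or a subdomain of one.

    Matching on a dot boundary keeps 'notmybank.com' from riding on 'mybank.com'.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in whitelist)


def decide(name, host, whitelist, block_all):
    """Follow the flowchart: whitelist, then pattern match, then block_all."""
    if is_whitelisted(host, whitelist):
        return "allow"
    if any(p.search(name) for p in TRACKING_COOKIE_PATTERNS):
        return "block:pattern"
    return "block:block_all" if block_all else "allow"


def filter_request_cookies(cookie_header, host, whitelist=(), block_all=True):
    """Return (new Cookie header or None, [(name, reason), ...] blocked)."""
    kept, blocked = [], []
    for pair in cookie_header.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        name = pair.split("=", 1)[0].strip()
        verdict = decide(name, host, whitelist, block_all)
        if verdict == "allow":
            kept.append(pair)
        else:
            blocked.append((name, verdict))
    return ("; ".join(kept) or None), blocked


def filter_set_cookie(values, host, whitelist=(), block_all=True):
    """Same decision for response Set-Cookie headers (one value per header)."""
    kept, blocked = [], []
    for value in values:
        # The cookie name is everything before the first '=' of the first field.
        name = value.split(";", 1)[0].split("=", 1)[0].strip()
        verdict = decide(name, host, whitelist, block_all)
        if verdict == "allow":
            kept.append(value)
        else:
            blocked.append((name, verdict))
    return kept, blocked
```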
The tool offers three preset privacy levels:
fingerprint:
  rotation_mode: "every_request"  # New fingerprint EVERY request
cookies:
  block_all: true                 # Block ALL cookies
blocking:
  auto_block_threshold: 1         # Block after first tracking attempt

Effect: Nearly impossible to track, but may break some websites
Use case: Maximum anonymity, sensitive browsing, research
fingerprint:
  rotation_mode: "interval"       # Rotate every 5 minutes
  rotation_interval: 300
cookies:
  block_all: true                 # Block all cookies
blocking:
  auto_block_threshold: 3         # Block after 3 attempts

Effect: Strong privacy with good compatibility
Use case: Daily browsing, general privacy protection
fingerprint:
  rotation_mode: "launch"         # Rotate only on browser start
cookies:
  block_all: false                # Allow cookies (but log them)
blocking:
  auto_block: false               # Don't block, just log

Effect: Minimal privacy, maximum compatibility
Use case: Testing, debugging, compatibility checks
All tracking data is stored in SQLite for analysis:
erDiagram
tracking_domains ||--o{ tracking_ips : "associated_domain"
tracking_domains ||--o{ cookie_traffic : "domain"
fingerprint_rotations ||--o{ request_log : "fingerprint_id"
tracking_domains {
int id PK
text domain UK
timestamp first_seen
timestamp last_seen
int hit_count
boolean blocked
text category
text notes
}
tracking_ips {
int id PK
text ip_address UK
timestamp first_seen
timestamp last_seen
int hit_count
boolean blocked
text associated_domain FK
text notes
}
cookie_traffic {
int id PK
timestamp timestamp
text domain
text cookie_name
text cookie_value
text ip_address
text request_url
boolean blocked
}
fingerprint_rotations {
int id PK
timestamp timestamp
text user_agent
text platform
text accept_language
text accept_encoding
text rotation_trigger
}
request_log {
int id PK
timestamp timestamp
text method
text url
text host
text ip_address
int fingerprint_id FK
boolean blocked
text block_reason
}
whitelist {
int id PK
text domain UK
timestamp added
text reason
}
- Python 3.10+ (3.12+ recommended)
- Windows 10/11, Linux, or macOS
- pip or uv package manager
The easiest way to get started:
# Clone the repository
git clone https://github.com/SoMaCoSF/browser-privacy-proxy.git
cd browser-privacy-proxy
# Install rich (for beautiful TUI)
pip install rich
# Run the interactive setup wizard
python setup_tui.py
That's it! The TUI wizard will:
- Check prerequisites automatically
- Create virtual environment
- Install all dependencies
- Set up directories
- Let you choose privacy level (with presets!)
- Initialize database
- Verify everything works
- Show you next steps
# Create virtual environment
uv venv .venv
# or: python -m venv .venv
# Activate it
.venv\Scripts\activate.ps1 # Windows
# or: source .venv/bin/activate # Linux/Mac
# Install dependencies
uv pip install -r requirements.txt
# or: pip install -r requirements.txt
The interactive setup wizard provides a beautiful terminal UI:
┌────────────────────────────────────────────────────┐
│             PRIVACY PROXY SETUP WIZARD             │
│                                                    │
│   Browser Anonymization & Tracker Blocking Tool    │
│                   Version 1.0.0                    │
└────────────────────────────────────────────────────┘
7-Step Guided Process:
- Prerequisites Check - Validates Python, pip/uv, git
- Virtual Environment - Creates .venv automatically
- Dependencies - Installs packages with progress bar
- Directories - Sets up database/, logs/, config/
- Privacy Configuration - Interactive level selection
- Database Initialization - Creates SQLite DB
- Verification - Confirms everything works
Privacy Level Presets:
┌───┬────────────────────────┬───────────────────────────┐
│ 1 │ Maximum (Paranoid)     │ New fingerprint every req │
│ 2 │ Balanced (Recommended) │ Rotate every 5 minutes    │
│ 3 │ Minimal (Testing)      │ Log only, no blocking     │
│ 4 │ Custom                 │ Manual configuration      │
└───┴────────────────────────┴───────────────────────────┘
# Activate virtual environment (if not already active)
.venv\Scripts\activate.ps1 # Windows
# or: source .venv/bin/activate # Linux/Mac
# Start the proxy
python start_proxy.py
# You'll see:
# ======================================================================
# PRIVACY PROXY - Browser Anonymization Tool
# ======================================================================
# Host: 127.0.0.1
# Port: 8080
# ======================================================================
Firefox:
- Settings → Network Settings → Manual proxy configuration
- HTTP Proxy: 127.0.0.1, Port: 8080
- HTTPS Proxy: 127.0.0.1, Port: 8080
- Check "Also use this proxy for HTTPS"
Chrome/Edge:
- Settings → System → Open proxy settings
- LAN Settings → Use proxy server
- Address: 127.0.0.1, Port: 8080
For HTTPS interception to work:
- Visit: http://mitm.it
- Download certificate for your OS
- Install and trust the certificate
- Restart browser
# In a new terminal
.venv\Scripts\activate.ps1
python manage.py stats
# Output:
# ======================================================================
# PRIVACY PROXY STATISTICS
# ======================================================================
# Total Requests: 156
# Blocked Domains: 23
# Blocked IPs: 12
# Blocked Cookies: 487
# Fingerprint Rotations: 156
# ======================================================================
Let's say you visit www.example.com:
Request Headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0.0.0
Accept-Language: en-US,en;q=0.9
Referer: https://google.com/search?q=example
Cookie: _ga=GA1.2.1234567890; session_id=abc123
Response Headers:
Set-Cookie: tracking_id=xyz789; Domain=.example.com
Set-Cookie: _analytics=data123; Domain=.example.com
Result: You've been fingerprinted and tracked.
Modified Request Headers:
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Safari/537.36
Accept-Language: fr-FR,fr;q=0.9
[Referer: REMOVED]
[Cookie: REMOVED]
Modified Response Headers:
[Set-Cookie: BLOCKED - Logged to database]
[Set-Cookie: BLOCKED - Logged to database]
Result: You appear as a French Safari user on macOS with no cookies. Next request? Completely different fingerprint.
The proxy learns and adapts:
flowchart TD
Start([Tracking Event]) --> Identify{Event Type}
Identify -->|Cookie Attempt| AddDomain[Add/Update<br/>tracking_domains]
Identify -->|IP Connection| AddIP[Add/Update<br/>tracking_ips]
Identify -->|Pattern Match| ImmediateBlock[Immediate Block]
AddDomain --> IncrementDomain[Increment hit_count]
AddIP --> IncrementIP[Increment hit_count]
IncrementDomain --> CheckDomainThreshold{hit_count >=<br/>threshold?}
IncrementIP --> CheckIPThreshold{hit_count >=<br/>threshold?}
CheckDomainThreshold -->|Yes| AutoBlockDomain[Set blocked=1<br/>for domain]
CheckDomainThreshold -->|No| LogOnly1[Log Only]
CheckIPThreshold -->|Yes| AutoBlockIP[Set blocked=1<br/>for IP]
CheckIPThreshold -->|No| LogOnly2[Log Only]
ImmediateBlock --> AddToBlocklist[Add to blocklist<br/>with category]
AutoBlockDomain --> NotifyDomain[Log: Auto-blocked<br/>domain]
AutoBlockIP --> NotifyIP[Log: Auto-blocked<br/>IP]
AddToBlocklist --> NotifyPattern[Log: Pattern-blocked]
NotifyDomain --> FutureRequests[Block Future<br/>Requests]
NotifyIP --> FutureRequests
NotifyPattern --> FutureRequests
FutureRequests --> End2([Blocked])
style ImmediateBlock fill:#F44336
style AutoBlockDomain fill:#FF5722
style AutoBlockIP fill:#FF5722
style End2 fill:#F44336
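The domain branch of the auto-blocking flow above, run against an in-memory SQLite table that uses the tracking_domains columns from this page's schema. This is an added example, not the project's code: the function names, the 0.0.0.0 hosts-file prefix and the test domains are assumptions, while the two block patterns and the category labels are the ones shown on this page.

```python
import re
import sqlite3

# The two block_patterns shown in this page's configuration examples.
BLOCK_PATTERNS = [re.compile(p) for p in (r".*analytics.*", r".*tracking.*")]

SCHEMA = """
CREATE TABLE tracking_domains (
    id INTEGER PRIMARY KEY,
    domain TEXT UNIQUE NOT NULL,
    first_seen TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    last_seen TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
    hit_count INTEGER DEFAULT 0,
    blocked BOOLEAN DEFAULT 0,
    category TEXT
);
CREATE TABLE whitelist (id INTEGER PRIMARY KEY, domain TEXT UNIQUE NOT NULL);
"""


def open_db(path=":memory:"):
    db = sqlite3.connect(path)
    db.executescript(SCHEMA)
    return db


def is_blocked(db, domain):
    row = db.execute("SELECT blocked FROM tracking_domains WHERE domain = ?",
                     (domain.lower(),)).fetchone()
    return bool(row and row[0])


def record_tracking_event(db, domain, threshold=3):
    """Count one tracking attempt; return True once the domain is blocked."""
    domain = domain.lower()
    if db.execute("SELECT 1 FROM whitelist WHERE domain = ?", (domain,)).fetchone():
        return False  # whitelisted domains are never counted or blocked
    pattern_hit = any(p.fullmatch(domain) for p in BLOCK_PATTERNS)
    category = "pattern-match" if pattern_hit else "cookie-tracker"
    with db:  # one transaction: upsert the counter, then apply the threshold
        db.execute(
            """INSERT INTO tracking_domains (domain, hit_count, category)
               VALUES (?, 1, ?)
               ON CONFLICT(domain) DO UPDATE SET
                   hit_count = hit_count + 1,
                   last_seen = CURRENT_TIMESTAMP""",
            (domain, category))
        # Pattern matches block immediately; everything else waits for the threshold.
        db.execute(
            """UPDATE tracking_domains SET blocked = 1
               WHERE domain = ? AND (hit_count >= ? OR ?)""",
            (domain, threshold, int(pattern_hit)))
    return is_blocked(db, domain)


def export_hosts(db):
    """Blocked domains in hosts-file form, highest hit count first."""
    rows = db.execute("SELECT domain FROM tracking_domains WHERE blocked = 1 "
                      "ORDER BY hit_count DESC, domain")
    return [f"0.0.0.0 {d}" for (d,) in rows]
```

Checking the whitelist before counting matters with low thresholds: a site you log in to sets cookies on every visit and would otherwise cross the threshold within a few requests.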
python manage.py stats
Output:
======================================================================
PRIVACY PROXY STATISTICS
======================================================================
Total Requests: 1,247
Blocked Domains: 87
Blocked IPs: 34
Blocked Cookies: 2,156
Fingerprint Rotations: 1,247
======================================================================
python manage.py domains --limit 20
Output:
======================================================================
TOP 20 BLOCKED DOMAINS
======================================================================
Domain Hits Category
----------------------------------------------------------------------
www.google-analytics.com 234 pattern-match
doubleclick.net 187 cookie-tracker
facebook.com 156 cookie-tracker
googletagmanager.com 143 pattern-match
...
# Export as hosts file format
python manage.py export myblocklist.txt --format hosts
# Export as plain text
python manage.py export myblocklist.txt --format text
# Export as JSON
python manage.py export myblocklist.json --format list
python manage.py whitelist mybank.com --reason "trusted banking site"
python manage.py block evil-tracker.com --category "malicious"
The SQLite database (database/browser_privacy.db) contains:
- Every cookie attempt - Who tried to track you, when, and with what cookie
- Every tracking domain - Domains identified as trackers with hit counts
- Every tracking IP - IP addresses associated with tracking domains
- Every request - Full HTTP request log with fingerprint info
- Fingerprint rotations - When and why your fingerprint changed
- Whitelist - Domains you've explicitly trusted
You can query this database directly:
-- Top tracking domains
SELECT domain, hit_count, category
FROM tracking_domains
WHERE blocked = 1
ORDER BY hit_count DESC
LIMIT 50;
-- Cookie attempts in last 24 hours
SELECT domain, COUNT(*) as attempts
FROM cookie_traffic
WHERE timestamp >= datetime('now', '-1 day')
GROUP BY domain
ORDER BY attempts DESC;
- Analyze tracking infrastructure
- Identify new tracking techniques
- Study cookie behavior across sites
- Export data for academic research
- Daily browsing with maximum privacy
- Protect against targeted advertising
- Prevent behavioral profiling
- Maintain anonymity online
- Test website behavior with different fingerprints
- Identify tracking mechanisms in your own applications
- Verify privacy controls are working
- Audit third-party integrations
- Learn about HTTP/HTTPS internals
- Understand browser fingerprinting
- Study tracking ecosystem
- Teach privacy concepts
What this tool does:
- Randomizes browser fingerprints
- Blocks cookies bidirectionally
- Automatically blocks known trackers
- Logs all tracking attempts for analysis
- Provides detailed privacy statistics
What this tool does not do:
- Hide your IP address (use Tor/VPN for that)
- Hide DNS queries (use private DNS)
- Prevent WebRTC leaks (disable in browser)
- Randomize canvas/WebGL fingerprints (requires extension)
- Protect against JavaScript-based fingerprinting (use NoScript)
- Python 3.12 - Modern Python with type hints
- mitmproxy 12.2 - Industrial-strength HTTP/HTTPS proxy
- SQLite 3 - Embedded database for tracking data
- fake-useragent - User-Agent randomization library
- PyYAML - Configuration management
- Latency: ~10-50ms per request (depends on rotation mode)
- Memory: ~50-100MB (with database in memory)
- Disk: Database grows ~1MB per 10,000 requests
- Thread-safe: Handles concurrent requests safely
- Thread-local database connections for safety
- No network communication (everything is local)
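- Certificates stored locally in ~/.mitmproxy/ (this directory also holds the CA private key that your browser is told to trust, so restrict access to it)
- Database is unencrypted (contains browsing history)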
fingerprint:
  rotation_mode: "interval"
  rotation_interval: 180  # Rotate every 3 minutes

blocking:
  block_patterns:
    - ".*analytics.*"
    - ".*tracking.*"
    - ".*yourcompany.*"  # Block your company's trackers

fingerprint:
  randomize_user_agent: true
  randomize_accept_language: false  # Keep consistent language
  strip_referer: true
cookies:
  block_all: false  # Allow cookies but log them
  log_attempts: true

database:
  log_requests: false      # Disable request logging for speed
  log_cookies: true        # Keep cookie logging
  log_fingerprints: false  # Disable fingerprint logging

- README.md - Complete user guide with setup instructions
- QUICKSTART.md - 5-minute setup guide
- ARCHITECTURE.md - Technical architecture with 15+ diagrams
- TUI_SETUP_GUIDE.md - Interactive setup wizard documentation
- GIST_CONTENT.md - This comprehensive forum post
- development_diary.md - Development log and decisions
- Inline code documentation - All functions documented
This is an educational project. Contributions welcome!
Areas for improvement:
- Browser extension for better integration
- WebRTC blocking
- Canvas/WebGL fingerprint randomization
- Machine learning for tracker detection
- Web dashboard for management
- Multi-profile support
- Lines of Code: ~2,500+
- Python Files: 9 (includes TUI setup wizard)
- Components: 4 core + 1 database handler + 1 TUI installer
- Database Tables: 7
- Configuration Options: 25+
- Management Commands: 8
- Documentation Files: 6
- Mermaid Diagrams: 15+
- Setup Methods: 3 (TUI, Script, Manual)
v1.1.0 - Interactive TUI Setup System
Just added a beautiful, interactive TUI setup wizard that makes installation trivial:
- Beautiful Terminal UI - Color-coded, with progress bars and tables
- One Command Setup - python setup_tui.py does everything
- Privacy Presets - Choose from 4 preconfigured privacy levels
- Auto-Verification - Checks all components automatically
- Cross-Platform - Works on Windows, Linux, and macOS
- Smart Defaults - Uses uv if available, falls back to pip
- Error Prevention - Validates before doing anything
Before: 10+ manual commands, 10-15 minutes
After: 1 command, 3-5 minutes
As an AI assistant (Claude Sonnet 4.5), I built this entire project across multiple sessions. Here are some interesting insights:
- Thread Safety is Critical - mitmproxy is multi-threaded, so database connections must be thread-local
- Cookie Blocking is Bidirectional - Must block both request cookies and Set-Cookie responses
- Fingerprint Randomization Has Limits - Can't prevent all tracking without browser extension
- Auto-blocking Must Be Adaptive - Pattern matching + hit-count threshold works best
- Modularity is Key - Each component (fingerprint, cookie, traffic) is independent
- UX Matters - Adding a TUI installer dramatically improves adoption
- Presets Are Powerful - Users prefer choosing a privacy level over configuring 20+ options
Repository: https://github.com/SoMaCoSF/browser-privacy-proxy
Issues: https://github.com/SoMaCoSF/browser-privacy-proxy/issues
License: MIT (Educational Use)
Built by: AGENT-PRIME-001 (Claude Sonnet 4.5)
Date: January 2025
Version: 1.0.0
Purpose: Educational privacy protection tool
#privacy #security #browser-fingerprinting #cookie-blocking #mitmproxy #python #anonymization #tracking-protection #sqlite #open-source
Remember: Privacy is a right, not a privilege. Use this tool responsibly.
This tool was created entirely by AI (Claude Sonnet 4.5) as a demonstration of AI-assisted software development. All code, documentation, and diagrams were generated in a single session using Claude Code.
The posting of the gist was 100% -- the backend tool was multi iterations - the gist crafting is a one_shot to gist - and I LOVE IT. It does such a good job with "Craft a single beautiful but highly technical gist - use gh cli, create a clear narrative for the tool" and that it gives something like this is amazing.