Damru
Damru vs Camoufox: Android-Native vs Desktop Firefox Antidetect
Damru and Camoufox are both open-source antidetect browser frameworks, but they solve fingerprinting from opposite foundations: Camoufox patches Firefox’s Gecko engine to mask a desktop environment, while Damru boots a complete Android OS inside Docker via Redroid and controls Chrome for Android over CDP — generating fingerprints that are architecturally indistinguishable from a real physical mobile device.
Choosing between them comes down to a single question: does the site or application under authorized test differentiate mobile and desktop sessions at the fingerprint level? If yes — or unknown — Damru’s Android-native approach removes the fundamental limitation that any desktop-impersonating tool carries regardless of how aggressively it patches browser signals.
What Is Camoufox?
Camoufox is an open-source fork of Firefox that applies patches to the Gecko engine to reduce or randomize the browser signals most fingerprinting systems use to identify automation.
Key Camoufox characteristics:
- Engine: Gecko (Firefox)
- Platform footprint: Desktop Linux, macOS, Windows
- Fingerprint approach: Patch-based spoofing — Canvas, WebGL, font metrics, navigator properties
- Protocol: Playwright-compatible via Firefox CDP
- Stealth mechanism: Source-level patches to Firefox’s rendering and JS engine
- Best use case: Desktop-targeted sites where Firefox is a plausible user agent
Camoufox is a legitimate research tool maintained by the open-source community. Its architecture is well-suited to sites whose bot-detection stacks are primarily calibrated against Chrome-based automation rather than mobile device characteristics.
What Is Damru?
Damru is an Android-native browser automation framework that boots a real Android OS in a Docker container using Redroid, then connects Playwright to Chrome for Android via the Chrome DevTools Protocol.
Key Damru characteristics:
- Engine: Chrome for Android (Blink)
- Platform footprint: Genuine Android OS (ARM or x86_64 via Redroid container)
- Fingerprint approach: Real hardware signals — no spoofing required because the OS is actual Android
- Protocol: Playwright-compatible CDP
- Stealth mechanism: Architectural authenticity rather than patch-based disguise
- Best use case: Mobile-aware sites, Android WebViews, authorized mobile QA testing
pip install damru
import asyncio
from damru import AsyncDamru
async def main():
async with AsyncDamru() as damru:
page = await damru.new_page()
await page.goto("https://httpbin.org/user-agent")
print(await page.inner_text("body"))
asyncio.run(main())
Side-by-Side Comparison
| Dimension | Camoufox | Damru |
|---|---|---|
| Underlying browser | Firefox (Gecko) | Chrome for Android (Blink) |
| OS environment | Desktop (Linux / macOS / Windows) | Android OS via Redroid Docker container |
| Fingerprint source | Patched and spoofed signals | Authentic Android OS signals |
| Canvas fingerprint | Randomized via Gecko patches | Real Android GPU rendering output |
| WebGL renderer | Spoofed string | Actual Android GPU driver string |
| Sensor data (gyro, accelerometer) | Not available | Available natively from Android OS |
| TLS fingerprint | Firefox desktop JA3 / JA4 | Chrome for Android JA3 / JA4 |
| HTTP/2 SETTINGS frame order | Firefox desktop pattern | Android Chrome pattern |
| Playwright compatible | Yes | Yes |
| Python API | Yes | Yes |
| Concurrency model | Playwright browser contexts | AsyncDamru / DamruPool containers |
| Horizontal fleet scaling | Multi-process Playwright | DamruPool container orchestration |
| Mobile-first site authenticity | Partial (UA string only) | Full (real Android OS stack) |
| Docker dependency | No | Yes (Redroid) |
| Setup complexity | Low | Medium |
Where Camoufox Wins
Choose Camoufox when:
- Your authorized testing target is a desktop-first web application where mobile signals are irrelevant
- Firefox Gecko compatibility matters for browser-diversity testing of your own frontend
- You need the lowest possible setup overhead — no Docker or Linux kernel requirements
- The target’s bot-detection stack does not interrogate mobile sensor data, Android WebGL renderer strings, or touch event presence
Where Damru Wins
Choose Damru when:
- The target differentiates mobile from desktop sessions at the fingerprint or content level
- You are conducting authorized QA testing of Android WebView behavior or mobile-only features
- Your research requires authentic Chrome for Android TLS fingerprints (JA4 mobile signature)
- Anti-bot scoring includes gyroscope availability, touch event pattern analysis, or mobile GPU renderer strings that a patched desktop browser cannot produce
- You need to scale a device fleet with genuine per-device fingerprint diversity via
DamruPool - The task involves mobile-only content — pages that serve different HTML to mobile User-Agents and verify the claim with sensor checks
Using Both Together
Damru and Camoufox complement rather than compete — they cover opposite sides of the device-type axis.
A comprehensive authorized cross-platform QA or fingerprinting research pipeline can route desktop-targeted test cases through Camoufox and mobile-targeted test cases through Damru. Because both expose Playwright-compatible Page objects, the same test logic can drive both tools with minimal branching:
# Desktop path → Camoufox
# Mobile path → Damru
# Same Playwright Page API either way
await page.goto(url)
await page.wait_for_selector(".product-price")
price = await page.inner_text(".product-price")
Fingerprint Signal Coverage Compared
The table below maps each major fingerprinting dimension to the authenticity level each tool achieves:
| Signal Category | Camoufox Coverage | Damru Coverage |
|---|---|---|
| TLS / JA4 fingerprint | Firefox desktop (authentic) | Chrome Android (authentic) |
| Canvas rendering | Randomized (approximate) | Real Android GPU (exact) |
| WebGL renderer string | Spoofed (approximate) | Real GPU driver (exact) |
| navigator.webdriver | Patched to undefined | Not set (real browser) |
| Touch events | Not present (desktop OS) | Present (Android) |
| Gyroscope / accelerometer | Not available | Available (Android sensors) |
| Font enumeration | Patched / limited | Android font set (exact) |
| HTTP/2 SETTINGS order | Firefox desktop | Chrome Android |
FAQ
Is Camoufox completely open source?
Yes — Camoufox is fully open-source under the Mozilla Public License, published on GitHub with publicly auditable Firefox patches. This is an advantage for security-conscious research teams who need to understand exactly which signals are being modified and how.
Does Damru require an ARM processor to run Android?
No — Redroid supports x86_64 host machines using Android’s native bridge translation layer (libhoudini or libndk_translation), so Damru runs on standard Intel or AMD cloud servers. Native ARM execution is also supported on ARM-based hosts like AWS Graviton instances.
Which tool is harder for modern anti-bot vendors to detect?
Damru is architecturally harder to detect against mobile-aware fingerprinting because it does not modify any signal — it is a real Android device. Camoufox is harder to detect than standard Playwright against desktop fingerprinting checks because it patches the signals those checks target. Neither tool is undetectable by all systems under all conditions.
Can I use Damru to replicate iOS Safari fingerprints?
No — Damru is Android-specific. For authorized iOS Safari testing, the appropriate options are Playwright’s WebKit driver (which approximates Safari rendering) or a physical iOS device connected via XCUITest for full authenticity.