Skip to main content
All Kernel browsers ship with anti-detection optimizations by default — you don’t need stealth mode for this baseline. Enabling stealth mode adds two managed services on top:
  1. Default proxy — traffic routes through a static ISP proxy, providing a stable exit IP for the session.
  2. Automatic CAPTCHA solver — solves reCAPTCHAs, Cloudflare challenges, and similar tests automatically.
Both are opt-out so you can bring your own where it makes sense.

IP Rotation Behavior

The default stealth proxy provides a static exit IP — all connections within the session exit through the same IP address. If you override the default with a residential proxy, exit IPs will rotate per connection. See Residential IP Rotation Behavior for details. To turn on stealth mode, set its flag when instantiating Kernel browsers:
import Kernel from '@onkernel/sdk';

const kernel = new Kernel();

const kernelBrowser = await kernel.browsers.create({
  stealth: true,
});
from kernel import Kernel

kernel = Kernel()

kernel_browser = kernel.browsers.create(
    stealth=True,
)
package main

import (
	"context"

	"github.com/kernel/kernel-go-sdk"
)

func main() {
	ctx := context.Background()
	client := kernel.NewClient()

	kernelBrowser, err := client.Browsers.New(ctx, kernel.BrowserNewParams{
		Stealth: kernel.Bool(true),
	})
	if err != nil {
		panic(err)
	}
	_ = kernelBrowser
}

Bring your own proxy or CAPTCHA solver

Anti-detection is the platform default, so you can freely mix in your own networking or CAPTCHA tooling. Common patterns:
  • BYO proxy, keep CAPTCHA solver — launch a stealth browser with your own proxy via proxy_id. Replaces the ISP default; CAPTCHA solver stays loaded.
  • BYO proxy, no CAPTCHA solver — launch a non-stealth browser with your own proxy_id. Full anti-detection config, no managed proxy or CAPTCHA extension.
  • Disable the default proxy at runtime — on a running stealth browser, set disable_default_proxy to route directly while keeping the CAPTCHA solver.

Stealth with your own proxy

To run a stealth browser through your own proxy instead of the managed ISP default, pass both stealth: true and a proxy_id when creating the session. The CAPTCHA solver stays loaded; your proxy replaces the ISP default.
const kernelBrowser = await kernel.browsers.create({
  stealth: true,
  proxy_id: myProxy.id,
});
kernel_browser = kernel.browsers.create(
    stealth=True,
    proxy_id=my_proxy.id,
)
kernelBrowser, err := client.Browsers.New(ctx, kernel.BrowserNewParams{
	Stealth: kernel.Bool(true),
	ProxyID: kernel.String(myProxy.ID),
})
if err != nil {
	panic(err)
}
_ = kernelBrowser
If you’re looking for proxy-level configuration with Kernel browsers, see Proxies.

CAPTCHA Handling Behavior

Below are tips for working with Kernel’s Stealth Mode auto-CAPTCHA solver across different challenge types and automation frameworks.

Anthropic Computer Use

Anthropic Computer Use stops when it encounters a CAPTCHA. Use Kernel’s auto-CAPTCHA solver by adding this to your prompt: "If you see a CAPTCHA or similar test, just wait for it to get solved automatically by the browser."

Cloudflare Challenge

When encountering a Cloudflare challenge, our auto-CAPTCHA solver will attempt to handle it. Once the “Ready” message appears on the screen, continue with your intended browser actions (e.g., entering credentials and submitting a login attempt).
After the “Ready” message appears, don’t click the Cloudflare CAPTCHA checkbox — this can interfere with the solver.