StyloBot. Realtime self-hosted adaptive bot and automation protection.

Behavioral bot protection

Stop wasting compute on scrapers and click fraud.

Bot and automation blocking. Reverse proxy and sidecar with a rich UI library and dashboard.

StyloBot watches what a client actually does: request timing, path transitions, fingerprint integrity, session shape. 49 detectors vote on every request. No SaaS. Nothing about your visitors leaves your environment. How behavioral inference works →

Direct one-click downloads. GitHub redirects each link to the latest matching asset. Verify with SHA256SUMS.txt.

Docker on any OS

Bundled gateway + dashboard (the free engine in one container)

Run

docker run -p 8080:8080 scottgal/stylobot-all:latest

2.

Open the dashboard

http://localhost:8080/_stylobot
This is the FOSS engine, no license required. stylobot-gateway ships the proxy-only image; stylobot-sidecar is a 36 MB AOT detector your app calls directly.

Not a demo. Your real request, live detection engine.

Observe-only on stylobot.net. Every detector scores you and the dashboard records it, but no request here is blocked. The model is calibrating against real traffic before launch. Self-hosted deployments pick their own action policy (throttle, block, challenge, log-only).

1.
Install (Homebrew)
```
brew install scottgal/stylobot/stylobot
```
2.
Run (foreground; shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET); see the getting-started guide.

Install (Chocolatey or winget)

choco install stylobot

winget install Mostlylucid.StyloBot

2.
Run (foreground; shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET); see the getting-started guide.

Install (apt, Cloudsmith-signed)

curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash

sudo apt update && sudo apt install stylobot

2.
Run (foreground; shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET); see the getting-started guide.

1.
Add the NuGet package to your ASP.NET Core app
```
dotnet add package mostlylucid.botdetection
```
2.
Wire it up in Program.cs
```
builder.Services.AddStyloBot();
```
```
app.UseStyloBot();
```
Detection runs in-process with no proxy hop. The ASP.NET UI SDK package ships the dashboard view components your app can mount at any route. TypeScript SDK is available for non-.NET frontends; see the getting-started guide.

1.

Download from GitHub Releases

Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

Verify provenance + extract

gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal

tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot

3.
Run (foreground; shows the live CLI detection table)
```
./stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET); see the getting-started guide.

Self-hosted
runs in your VPC, your data stays there

Full decision trace
signals, deltas, action, policy

49 detectors
layered protocol + behavior signals

Privacy-aware
HMACed IDs + stripped UAs

Choose your documentation path

Use Customer Docs for setup and rollout playbooks, and GitHub Docs for deep detector internals, architecture, and API references.

AI without LLMs in the hot path.

The intelligence is emergent: small detectors, behavior memory, signatures, reputation, and feedback loops combine into decisions that improve as traffic repeats. LLMs are optional side analysis, not the thing you depend on for every request.

✓

Useful on day one. Start in observe mode and tune from real traffic

✓

Every decision has a trace: raw signals, derived signals, detector deltas, aggregation, and policy action

✓

Session behavioral analysis catches automation that rotates IPs, user agents, and fingerprints

Per-request output

probability
5%

confidence
88%

risk band
VeryLow

action
observe

Plus detector breakdown, raw and derived signals, threat score, intent classification, policy action, and narrative reasoning.

Built for people who want to see the machinery.

Most bot products hide the decision in a vendor cloud. StyloBot gives you the runtime, the signal trace, and the policy controls inside your own deployment.

	StyloBot	DataDome	Cloudflare	HUMAN
Pricing model	Free engine / paid controls	Sales-led SaaS	Enterprise plan	Custom
Self-hosted	Yes	No	No	No
Open source	Full engine	No	No	No
Per-request metering	No	Often	Plan-dependent	Custom
Raw traffic sharing	Not required	Cloud-scored	Cloud edge	Cloud-scored
Policy-controlled friction	Yes	Yes	Yes	Yes

From the development blog

How StyloBot was built and the thinking behind it.

All articles →

Try the commercial controls for 30 days

No credit card. Use the paid dashboard, live config, and persistence layer; fall back to the free engine if you do not subscribe.

Open source and charity projects: contact us for a complimentary license.