Behavioural bot protection

Stop wasting compute on scrapers and click fraud.

Bot and automation blocking. Reverse proxy and sidecar with a rich UI library and dashboard.

Stylobot watches what a client actually does: request timing, path transitions, fingerprint integrity, session shape. 49 detectors vote on every request. No SaaS. Nothing about your visitors leaves your environment. How behavioural inference works →

Live dashboard Free & open source GitHub Repo Buy

Download the latest release v7.0.0 published 2026-06-01

All assets & checksums →

macOS · Apple Silicon 26.4 MB macOS · Intel 28.7 MB Windows · x64 27.7 MB Windows · Arm 26.0 MB Linux · x64 28.6 MB Linux · Arm 26.8 MB

Direct one-click downloads — GitHub redirects each link to the latest matching asset. Verify with SHA256SUMS.txt.

Docker — any OS

Bundled gateway + dashboard (the free engine in one container)

Run

docker run -p 8080:8080 scottgal/stylobot-all:latest

2.

Open the dashboard
http://localhost:8080/_stylobot
This is the FOSS engine, no licence required. stylobot-gateway ships the proxy-only image; stylobot-sidecar is a 36 MB AOT detector your app calls directly.

Live · Your Detection Human

Identified as ClaudeBot

Top Bots

Name	Hits	Seen
US Bot	130	2h 11m
GPT's Grumpy Giggles	59	11h 26m
Bytespider	28	14h 11m
googlebot	25	1h 14m
Header Huddlebug	7	20h 35m

1–5 of 44

1 …

Not a demo. Your real request, live detection engine.

Observe-only on stylobot.net. Every detector scores you and the dashboard records it, but no request here is blocked. The model is calibrating against real traffic before launch. Self-hosted deployments pick their own action policy (throttle, block, challenge, log-only).

Native binary · or embed (auto-detected; click to switch)

Full getting-started guide →

1.
Install (Homebrew)
```
brew install scottgal/stylobot/stylobot
```
2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (Chocolatey or winget)

choco install stylobot

winget install Mostlylucid.StyloBot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (apt, Cloudsmith-signed)

curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash

sudo apt update && sudo apt install stylobot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

1.
Add the NuGet package to your ASP.NET Core app
```
dotnet add package mostlylucid.botdetection
```
2.
Wire it up in Program.cs
```
builder.Services.AddStyloBot();
```
```
app.UseStyloBot();
```
Detection runs in-process — no proxy hop. The ASP.NET UI SDK package ships the dashboard view components your app can mount at any route. TypeScript SDK is available for non-.NET frontends — see the getting-started guide.

1.

Download from GitHub Releases

Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

Verify provenance + extract

gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal

tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot

3.
Run (foreground — shows the live CLI detection table)
```
./stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Native binary (auto-detected; click to switch)

Full getting-started guide →

1.
Install (Homebrew)
```
brew install scottgal/stylobot/stylobot
```
2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (Chocolatey or winget)

choco install stylobot

winget install Mostlylucid.StyloBot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (apt, Cloudsmith-signed)

curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash

sudo apt update && sudo apt install stylobot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

1.

Download from GitHub Releases

Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

Verify provenance + extract

gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal

tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot

3.
Run (foreground — shows the live CLI detection table)
```
./stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Docker — any OS

Bundled gateway + dashboard

Run

docker run -p 8080:8080 scottgal/stylobot-all:latest

2.

Open the dashboard
http://localhost:8080/_stylobot

Fund the project

Always self-hosted. FOSS is free for one gateway with the full 49-detector pipeline, SQLite persistence, and the local dashboard.

Paid tiers unlock capabilities, never count caps:

$100/mo
Starter — Postgres + pgvector persistence, hot-reload config editor, ASP.NET monitoring pack
$250/mo
Pro — 5 domains included, fleet management, Redis cluster coordination
coming
Platform packs follow user demand: Magento, Umbraco, WordPress. Vote on the next pack →

See full pricing → ASP.NET pack

Live activity on stylobot.net

Live Activity

Name	Hits	Seen ▼
JP User	2	15m
DE User	2	24m
Header Hooligan Hashing	1	24m
SE User	2	32m
Header Hooligan Hashing 2	1	36m
Header Hooligan Hashing 3	7	49m
IN User	25	56m
MX User	2	1h 7m
googlebot	25	1h 14m
Bingbot	64	1h 14m

1–10 of 143

1 …

Self-hosted
runs in your VPC, your data stays there

Full decision trace
signals, deltas, action, policy

49 detectors
layered protocol + behavior signals

Privacy-aware
HMACed IDs + stripped UAs

Choose your documentation path

Use Customer Docs for setup and rollout playbooks, and GitHub Docs for deep detector internals, architecture, and API references.

Customer Docs Detector Guide GitHub Docs Map Repo Docs Index

AI without LLMs in the hot path.

The intelligence is emergent: small detectors, behavior memory, signatures, reputation, and feedback loops combine into decisions that improve as traffic repeats. LLMs are optional side analysis, not the thing you depend on for every request.

✓

Useful on day one. Start in observe mode and tune from real traffic

✓

Every decision has a trace: raw signals, derived signals, detector deltas, aggregation, and policy action

✓

Session behavioural analysis catches automation that rotates IPs, user agents, and fingerprints

Per-request output

probability
5%

confidence
88%

risk band
VeryLow

action
observe

Plus detector breakdown, raw and derived signals, threat score, intent classification, policy action, and narrative reasoning.

Built for people who want to see the machinery.

Most bot products hide the decision in a vendor cloud. StyloBot gives you the runtime, the signal trace, and the policy controls inside your own deployment.

	StyloBot	DataDome	Cloudflare	HUMAN
Pricing model	Free engine / paid controls	Sales-led SaaS	Enterprise plan	Custom
Self-hosted	Yes	No	No	No
Open source	Full engine	No	No	No
Per-request metering	No	Often	Plan-dependent	Custom
Raw traffic sharing	Not required	Cloud-scored	Cloud edge	Cloud-scored
Policy-controlled friction	Yes	Yes	Yes	Yes

See full pricing

From the development blog

How StyloBot was built and the thinking behind it.

All articles →

Core concept

Behavioural Inference Systems

The architectural idea behind StyloBot: inferring intent from request behaviour rather than matching patterns. Why that distinction matters for accuracy and for false-positive rates.

All bot detection posts

The full development series

30+ articles covering detector design, signal composition, LLM integration, HNSW session clustering, fingerprinting, and the commercial layer. Written as StyloBot was built.

Browse all articles →

Try the commercial controls for 30 days

No credit card. Use the paid dashboard, live config, and persistence layer; fall back to the free engine if you do not subscribe.

Start free trial View source on GitHub

Open source and charity projects: contact us for a complimentary license.