Behavioural bot protection

Stop wasting compute on scrapers and click fraud.

Bot and automation blocking. Reverse proxy and sidecar with a rich UI library and dashboard.

Stylobot watches what a client actually does: request timing, path transitions, fingerprint integrity, session shape. 49 detectors vote on every request. No SaaS. Nothing about your visitors leaves your environment. How behavioural inference works →

Live dashboard Free & open source GitHub Repo Buy

Download the latest release v6.8.9 published 2026-05-26

All assets & checksums →

macOS · Apple Silicon 26.1 MB macOS · Intel 28.5 MB Windows · x64 27.4 MB Windows · Arm 25.8 MB Linux · x64 28.4 MB Linux · Arm 26.6 MB

Direct one-click downloads — GitHub redirects each link to the latest matching asset. Verify with SHA256SUMS.txt.

Docker — any OS

Bundled gateway + dashboard (the free engine in one container)

Run

docker run -p 8080:8080 scottgal/stylobot-all:latest

2.

Open the dashboard
http://localhost:8080/_stylobot
This is the FOSS engine, no licence required. stylobot-gateway ships the proxy-only image; stylobot-sidecar is a 36 MB AOT detector your app calls directly.

Live · Your Detection Human

19:57:59 · 15ms

30% bot probability

Unknown Monitor

Top Bots

	Name	Bot %	Conf	Threat	Hits	1h	Seen
	bingbot				4		4h 56m
	googlebot				1		20h 26m

1–2 of 2

Not a demo. Your real request, live detection engine.

Observe-only on stylobot.net. Every detector scores you and the dashboard records it, but no request here is blocked. The model is calibrating against real traffic before launch. Self-hosted deployments pick their own action policy (throttle, block, challenge, log-only).

Native binary · or embed (auto-detected; click to switch)

Full getting-started guide →

1.
Install (Homebrew)
```
brew install scottgal/stylobot/stylobot
```
2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (Chocolatey or winget)

choco install stylobot

winget install Mostlylucid.StyloBot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (apt, Cloudsmith-signed)

curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash

sudo apt update && sudo apt install stylobot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

1.
Add the NuGet package to your ASP.NET Core app
```
dotnet add package mostlylucid.botdetection
```
2.
Wire it up in Program.cs
```
builder.Services.AddStyloBot();
```
```
app.UseStyloBot();
```
Detection runs in-process — no proxy hop. The ASP.NET UI SDK package ships the dashboard view components your app can mount at any route. TypeScript SDK is available for non-.NET frontends — see the getting-started guide.

1.

Download from GitHub Releases

Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

Verify provenance + extract

gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal

tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot

3.
Run (foreground — shows the live CLI detection table)
```
./stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Native binary (auto-detected; click to switch)

Full getting-started guide →

1.
Install (Homebrew)
```
brew install scottgal/stylobot/stylobot
```
2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (Chocolatey or winget)

choco install stylobot

winget install Mostlylucid.StyloBot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Install (apt, Cloudsmith-signed)

curl -1sLf 'https://dl.cloudsmith.io/public/mostlylucid/stylobot/setup.deb.sh' | sudo bash

sudo apt update && sudo apt install stylobot

2.
Run (foreground — shows the live CLI detection table)
```
stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

1.

Download from GitHub Releases

Pick the asset for your platform: stylobot-linux-x64.tar.gz, stylobot-linux-arm64.tar.gz, stylobot-osx-arm64.tar.gz, stylobot-osx-x64.tar.gz, or stylobot-win-x64.zip from the releases page.

Verify provenance + extract

gh attestation verify stylobot-linux-x64.tar.gz --owner scottgal

tar xzf stylobot-linux-x64.tar.gz && chmod +x ./stylobot

3.
Run (foreground — shows the live CLI detection table)
```
./stylobot 5080 http://localhost:3000
```
Add -d to background as a daemon (no CLI UI). The web dashboard ships in stylobot-all (Docker), stylobot-ui (remote viewer), and the UI SDKs (TypeScript, ASP.NET) — see the getting-started guide.

Docker — any OS

Bundled gateway + dashboard

Run

docker run -p 8080:8080 scottgal/stylobot-all:latest

2.

Open the dashboard
http://localhost:8080/_stylobot

Fund the project

Always self-hosted. FOSS is free for one gateway with the full 49-detector pipeline, SQLite persistence, and the local dashboard.

Paid tiers unlock capabilities, never count caps:

$100/mo
Starter — Postgres + pgvector persistence, hot-reload config editor, ASP.NET monitoring pack
$250/mo
Pro — 5 domains included, fleet management, Redis cluster coordination
coming
Platform packs follow user demand: Magento, Umbraco, WordPress. Vote on the next pack →

See full pricing → ASP.NET pack

Live activity on stylobot.net

Live Activity

Name	Hits	Seen ▼
HK Safari User	1	4h 25m
Chrome Desktop (privacy headers)	1	4h 37m
bingbot	4	4h 56m
JP Safari User	1	7h 36m
US Safari User	1	7h 46m
CN Safari User	1	10h 7m
US Firefox User	2	10h 38m
DE Safari User	1	10h 51m
US Safari User 2	1	14h 31m
US Safari User 3	1	14h 43m

1–10 of 16

Self-hosted
runs in your VPC, your data stays there

Full decision trace
signals, deltas, action, policy

49 detectors
layered protocol + behavior signals

Privacy-aware
HMACed IDs + stripped UAs

Choose your documentation path

Use Customer Docs for setup and rollout playbooks, and GitHub Docs for deep detector internals, architecture, and API references.

Customer Docs Detector Guide GitHub Docs Map Repo Docs Index

AI without LLMs in the hot path.

The intelligence is emergent: small detectors, behavior memory, signatures, reputation, and feedback loops combine into decisions that improve as traffic repeats. LLMs are optional side analysis, not the thing you depend on for every request.

✓

Useful on day one. Start in observe mode and tune from real traffic

✓

Every decision has a trace: raw signals, derived signals, detector deltas, aggregation, and policy action

✓

Session behavioural analysis catches automation that rotates IPs, user agents, and fingerprints

Per-request output

probability
5%

confidence
88%

risk band
VeryLow

action
observe

Plus detector breakdown, raw and derived signals, threat score, intent classification, policy action, and narrative reasoning.

Built for people who want to see the machinery.

Most bot products hide the decision in a vendor cloud. StyloBot gives you the runtime, the signal trace, and the policy controls inside your own deployment.

	StyloBot	DataDome	Cloudflare	HUMAN
Pricing model	Free engine / paid controls	Sales-led SaaS	Enterprise plan	Custom
Self-hosted	Yes	No	No	No
Open source	Full engine	No	No	No
Per-request metering	No	Often	Plan-dependent	Custom
Raw traffic sharing	Not required	Cloud-scored	Cloud edge	Cloud-scored
Policy-controlled friction	Yes	Yes	Yes	Yes

See full pricing

From the development blog

How StyloBot was built and the thinking behind it.

All articles →

Core concept

Behavioural Inference Systems

The architectural idea behind StyloBot: inferring intent from request behaviour rather than matching patterns. Why that distinction matters for accuracy and for false-positive rates.

All bot detection posts

The full development series

30+ articles covering detector design, signal composition, LLM integration, HNSW session clustering, fingerprinting, and the commercial layer. Written as StyloBot was built.

Browse all articles →

Try the commercial controls for 30 days

No credit card. Use the paid dashboard, live config, and persistence layer; fall back to the free engine if you do not subscribe.

Start free trial View source on GitHub

Open source and charity projects: contact us for a complimentary license.