Metal – stealth browser for enterprise automations (metalsecurity.io)

9 points by erekp ↗ HN
Hi HN!

Today we're launching Metal, a self-hosted stealth browser built for enterprise automation. We have many years of experience bypassing anti-bot protections and CAPTCHAs, and we've seen the same problems solved repeatedly with hacky solutions that don't stand the test of time.

We built Metal to address the most common challenges companies face when automating browsers or performing web scraping at scale.

Our custom browser comes with everything included—handling anti-bots, CAPTCHAs, and common deployment methods—and is entirely self-hosted, allowing companies to scale as needed without worrying about complicated usage-based pricing.

19 comments

[ 2.6 ms ] story [ 52.1 ms ] thread
There's no information about how it works. The docs are behind a paywall. Why are you sharing this here? Are you just looking for customers?
Is there any specific reason to have only Enterprise level pricing?
We're looking to deal with companies that have serious automation and scraping challenges. There are other solutions out there that are less robust and more transparent on how they bypass protections. We chose to keep ours tight to protect our clients and provide the best enterprise support we can.
How can I block traffic from bots using Metal?
Interesting, I’ve spent a lot of time over the past couple months researching the options for headless browsers in the cloud for AI agent workloads. What about user-data-dir persistence and infinite long running sessions? What about human-in-the-loop workflows with shareable embeddable browser control where a human manually takes over? If you have both these features then it’s a game changer. As for stealth alone, GoLogin and Browserless already handle this pretty well. The hard part is authentication initiation with human in the loop and session persistence.
You can probably implement that using our self-hosted solution. You'll have full access to the browser and can save sessions.
Didn't see a self-hosted version on the website? Sounds awesome.
Yeah, our solution is a self-hosted one. You control everything. Send us a message, sounds like we can help you build something!
[flagged]
Thanks! Glad we're helping
Hopefully one day you get impacted by similar tech and your business fails. What goes around, come around and Im sure it will come around to you too. Since you dont have any details on your website about who you are or where you are located (which says a lot about the type of company and people you are) I look forward to the day your servers and data are leaked to something like Distributed Denial of Secrets (love what happened to TMSignal today)
I don't see why such animosity. Many legit companies (which is the only type of enterprise we deal with) have legit automation use-cases and require solutions to do that against walled gardens and information gatekeepers. We believe whatever a human can do with a computer, in public sites, should be automatable with a machine. There's no difference. A browser like that does not DDOs anyone.
If you have such good intentions, then proudly display who you are and where you are located on your website. Why are you hiding behind a veil of secrecy? Your social links on the website go no where. Speaks volumes about the 'legit' use cases you are targeting.
You're not helping. You're doing something that the host or owner of the website does not want you to do, circumventing their protections. This means they'll end up strengthening their protections, which only makes things worse for everybody.
So you just „released” it, I can’t see anything except „request access”.
(comment deleted)