The vBrowser team brings you a container suite built for safe, powerful, and covert browser-based investigations and secure remote browsing. Key features include:
- Browser sessions with HTTP and HTTPS access
- Microphone and audio output passthrough
- File management with full directory access
- One-click screenshot capture from within active browser sessions
All vBrowser images utilize the LinuxServer.io kasmvnc baseimage, providing secure and efficient virtual browser sessions.
The vBrowser terminal image is the only exception. It uses ttyd, a WebSocket-based terminal sharing tool.
vBrowser integrates LinuxServer’s kclient to enable:
- Microphone input
- Audio output
- Drag-and-drop file transfers
In addition, vBrowser extends kclient with support for automatic ZIP compression using JSZip, allowing users to download files as zipped archives.
Users can also upload/download files from any directory, not just the default Downloads folder.
vBrowser includes a built-in screenshot feature that allows users to take a snapshot of the active remote browser session directly from the interface.
-
User triggers the screenshot
A function (screenshot()) is called when the user clicks a screenshot button in the frontend. This function locates the embeddediframerunning the VNC session. -
Message sent to iframe
It sends apostMessageevent to the iframe, instructing the remote browser container to capture a screenshot:iframe.contentWindow.postMessage({ type: 'captureScreenshot' }, '*');
Note: This README does not include full-length documentation on baseimage features.
For a detailed guide on available options and configurations, please refer to the official baseimage documentation here:
👉 linuxserver/docker-baseimage-kasmvnc - README
Simply pulling vbrowser/<vbrowser_name>:latest should retrieve the correct image for your arch, but you can also pull specific arch images via tags.
The architectures supported by this image are:
| Architecture | Platform | Supported | Notes |
|---|---|---|---|
amd64 |
Linux | ✅ Yes | Fully tested and supported |
amd64 |
Windows | ✅ Yes | Fully tested and supported |
aarch64 |
Linux | ❌ No | Not yet tested or supported |
arm64 |
Linux | ❌ No | Not yet tested or supported |
The application can be accessed at:
To help you get started creating a container from this image you can either use docker-compose or the docker cli.
docker-compose (recommended, click here for more info)
---
services:
vbrowser-app-1:
image: vbrowser/<vbrowser_name>:latest
container_name: vbrowser-app-1
environment:
- PUID=1000
- PGID=1000
- TZ=Etc/UTC
ports:
- 3000:3000
- 3001:3001
restart: unless-stoppeddocker cli (click here for more info)
docker run -d \
--name=vbrowser-app-1 \
-e PUID=1000 \
-e PGID=1000 \
-e TZ=Etc/UTC \
-p 3000:3000 \
-p 3001:3001 \
--restart unless-stopped \
vbrowser/<vbrowser_name>:latestContainers are configured using parameters passed at runtime (such as those above). These parameters are separated by a colon and indicate <external>:<internal> respectively. For example, -p 8080:80 would expose port 80 from inside the container to be accessible from the host's IP on port 8080 outside the container.
| Parameter | Function |
|---|---|
-p 3000:3000 |
Application desktop gui. |
-p 3001:3001 |
HTTPS Application desktop gui. |
-e PUID=1000 |
for UserID - see below for explanation |
-e PGID=1000 |
for GroupID - see below for explanation |
-e TZ=Etc/UTC |
specify a timezone to use, see this list. |
You can set any environment variable from a file by using a special prepend FILE__.
As an example:
-e FILE__MYVAR=/run/secrets/mysecretvariableWill set the environment variable MYVAR based on the contents of the /run/secrets/mysecretvariable file.
When using volumes (-v flags), permissions issues can arise between the host OS and the container, we avoid this issue by allowing you to specify the user PUID and group PGID.
Ensure any volume directories on the host are owned by the same user you specify and any permissions issues will vanish like magic.
In this instance PUID=1000 and PGID=1000, to find yours use id your_user as below:
id your_userExample output:
uid=1000(your_user) gid=1000(your_user) groups=1000(your_user)
If you want to make local modifications to these images for development purposes or just to customize the logic:
git clone https://github.com/fish-not-phish/vbrowsers.git
cd vbrowsers/<vbrowser_name>
docker build \
--no-cache \
--pull \
-t vbrowser/<vbrowser_name>:latest .The environment variable LC_ALL can be used to start this container in a different language than English simply pass for example to launch the Desktop session in French LC_ALL=fr_FR.UTF-8. Some languages like Chinese, Japanese, or Korean will be missing fonts needed to render properly known as cjk fonts, but others may exist and not be installed inside the container depending on what underlying distribution you are running. We only ensure fonts for Latin characters are present. Fonts can be installed with a mod on startup.
To install cjk fonts on startup as an example pass the environment variables (Alpine base):
-e DOCKER_MODS=linuxserver/mods:universal-package-install
-e INSTALL_PACKAGES=fonts-noto-cjk
-e LC_ALL=zh_CN.UTF-8
The web interface has the option for "IME Input Mode" in Settings which will allow non english characters to be used from a non en_US keyboard on the client. Once enabled it will perform the same as a local Linux installation set to your locale.