Skip to content
/ browser-fingerprinting Public
forked from niespodd/browser-fingerprinting

Analysis of Bot Protection systems with available countermeasures 🚿. How to defeat anti-bot system πŸ‘» and get around browser fingerprinting scripts πŸ•΅οΈβ€β™‚οΈ when scraping the web?

niespodd.github.io/browser-fingerprinting/
0 stars 225 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

whathappenedman/browser-fingerprinting

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

20 Commits
README.md
README.md
Β 
Β 

Repository files navigation

Browser Fingerprinting πŸ‘« Anti-bot Detection

Here I study various aspects of existing evasion techniques to get around anti-bot systems. ⭐-s are appreciated. Looking for help with bypassing one?

Random, maybe useful

puppeteer-extra-plugin-stealth 😈

βœ”οΈ Win / ❌ Fail / πŸ‘” Tie :

  • πŸ‘” p0f - detect host OS from TCP struct - Not possible to fix via Puppeteer APIs. Used in Akamai Bot Manager to match against JS and browser headers (Client Hints and User-Agent). There is a detailed explaination of the issue. The most reliable evasion seems to be not spoofing host OS at all, or using OSfooler-ng.
  • πŸ‘” Browser dimensions - Although stealth plugin provides window.outerdimensions evasion, it won't work without correct config on non-default OS in headless mode; almost always fails when viewport size >= screen resolution (low screen resolution display on the host).
  • ❌ core-estimator - This can detect mismatch between navigator.hardwareConcurrency and SW/WW execution profile. Not possible to limit/bump the ServiceWorker/WebWorker thread limit via existng Puppeteer APIs.
  • ❌ WebGL extensions profiling - desc. tbd
  • ❌ RTCPeerConnection when behind a proxy - Applies to both SOCKS and HTTP(S) proxies.
  • ❌ Performance.now - desc. tbd (red pill)
  • ❌ WebGL profiling - desc. tbd
  • ❌ Client Hints - desc. tbd
  • ❌ Behavior Detection - desc. tbd (events, params, ML+AI buzz)
  • ❌ Font fingerprinting - desc. tbd (list+version+renderer via HTML&canvas)
  • ❌ Network Latency - desc. tbd (integrity check: proxy det., JS networkinfo, dns resolv profiling&timing)
  • ❌ Battery API - desc. tbd
  • ❌ Gyroscope and other (mostly mobile) device sensors - desc. tbd

Multilogin, Kameleo, copycats and others

tbd (if you have an active subscription in any of these services and don't mind sharing an account drop me an email ❀️)

Support

If you have problems with scraping specific website, write me a short email at [email protected]. I can help you with any anti-bot detection issue (not only the ones from the list above) and have a dedicated tΓͺte-Γ -tΓͺte consultation via Skype 😊.

Leave ⭐ and a tip ➑️ Ethereum address 0x380a4b41fB5e0e1EB8c616eBD56f62f8F934Bab6

About

Analysis of Bot Protection systems with available countermeasures 🚿. How to defeat anti-bot system πŸ‘» and get around browser fingerprinting scripts πŸ•΅οΈβ€β™‚οΈ when scraping the web?

niespodd.github.io/browser-fingerprinting/

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 99.7%
  • HTML 0.3%