# Before
- 40% of your website traffic is from bots
- They're taking over accounts, scraping prices and ruining your website reputation
# After
+ BotD is a browser library for JavaScript bot detection
+ Easily add ability to detect automation tools, browser spoofing and virtual machines
+ Requires adding only 3 lines of JavaScript on your website🔩 Try Demo - see the live demo running in your browser
BotD runs in the browser; additionally you can harden it by using our open source cloud integrations.
- CloudFlare - runs in CloudFlare workers for increased accuracy and security.
- Fastly - runs in Fastly Compute@Edge high-performance WASM edge
- Next.js/Vercel3rd party - runs as a Next.js edge middleware
<script>
// Initialize an agent at application startup.
const botdPromise = import('https://openfpcdn.io/botd/v0.1')
.then( Botd => Botd.load({
token: '<your-token>',
mode: 'allData'
}))
// Get the bot detection result when you need it.
botdPromise
.then(botd => botd.detect())
.then(result => console.log(result))
.catch(error => console.error(error))
</script>npm i @fpjs-incubator/botd-agent
# or
yarn add @fpjs-incubator/botd-agentimport Botd from '@fpjs-incubator/botd-agent';
// Initialize an agent at application startup.
const botdPromise = Botd.load({
token: "<token>",
mode: "allData"
});
(async () => {
// Get the bot detection result when you need it.
const botd = await botdPromise
const result = await botd.detect();
console.log(result);
})();A free token is required to authenticate with our server-side bot detection API.
To get your token, please ping us on Discord or email us at botd@fingerprintjs.com
(just type token in the email subject, no need to compose a body)
The free token is soft-limited to 1M API calls per month and 3 calls per second while in beta.
- Headless Browsers (Chrome, Firefox)
- SeleniumHQ/selenium is an umbrella project encapsulating a variety of tools and libraries enabling web browser automation.
- microsoft/playwright is a Node.js library to automate Chromium, Firefox and WebKit with a single API.
- ariya/phantomjs is a headless WebKit scriptable with JavaScript.
- segmentio/nightmare is a high-level browser automation library.
- electron/electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS.
- geb/geb (pronounced “jeb”) is a browser automation solution.
- macbre/phantomas Headless Chromium-based modular web performance metrics collector.
- casperjs/casperjs is a navigation scripting & testing utility for PhantomJS and SlimerJS.
- laurentj/slimerjs is a scriptable browser.
- beefproject/beef is short for The Browser Exploitation Framework. It is a penetration testing tool that focuses on the web browser.
- ajinabraham/OWASP-Xenotix-XSS-Exploit-Framework is an advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework.
- Netflix-Skunkworks/sleepy-puppy is a cross-site scripting (XSS) payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time.
- echo-devim/xbackdoor is a tool to take advantage of a persistent XSS vulnerability.
Browser spoofing - is a technique that helps users fake that they are using a different browser configuration by changing the browsers features.
The BotD helps to detect the following types of spoofing:
- User Agent spoofing
- Operating System spoofing
- Hardware spoofing
- etc.
The BotD helps to detect if the browser is running inside one of the popular virtual machines, like VirtualBox, VmWare, Parallels, Hyper-V, etc.
Google Bot, Bing Bot, Baidu Spider, Yahoo Bot, Alexa Bot, Apple Bot, Facebook Bot, Twitter Bot, Pinterest Bot, DuckDuckGo Bot, Coccoc Bot, Yandex Bot, Telegram Bot, Kiwi Status Spider, Naver Spider, Sputnik Bot, Petal Bot, Aspiegel Bot, Seznam Bot, Sogou Bot, DuckDuckGo Bot, Rackspace Bot, Pingdom Bot, WebPageTest.org crawlers, StatusCakeBot, Nutch-based Bot, Genieo Web filter, etc.
Many more tools and configurations are supported
See the contributing guidelines to learn how to start a playground, test, and build.
© 2021 FingerprintJS, Inc