commercial-bot-detectors: A JavaScript repository from supriyo-biswas

commercial-bot-detectors

This repository contains JavaScript code of many commercial bot detectors/fingerprinting services and string deobfuscators for them if applicable.

List of included scripts ("deobfuscated" refers to string deobfuscation. This is useful for seeing what browser attributes they are looking for. I did not undo any sort of control flow obfuscation):

AddThis
Ad-Maven
Integral Ad Sciences (AdSafeProtected)
AdScore
AFK-Media
Akami (deobfuscated)
AliExpress
Amazon Ads
Analytics-Engine
AreYouAHuman
ArkoseLabs (deobfuscated)
Augur (deobfuscated)
BehavioSec (from demo page, code is a mess and I have not analyzed it yet)
BlueCava
Bouncex (deobfuscated)
Bquery
CapitalOne
CapitalOne Deviceprint
CDN-NET
Coinbase
Cyberfend
Datadome (deobfuscated)
Distil Networks (deobfuscated)
Doubleverify
FingerprintJS Open Source
FingerprintJS Commercial
Forter (deobfuscated)
Fraudmetrix (deobfuscated - partially)
Giveaway Spam found in Google (deobfuscated)
Javascript loaded on Google.com
Google Botguard (no deobfuscation progress)
Google PubAds
Google IMA (ctrl-f for "callPhantom" to find where bot detection starts)
Imprint.js
Malvertising JavaScript found on a movie website
Malvertising JavaScript that was being distributed with a CSS file
Maxmind Device Fingerprinting
Meinkauf (austrian company) fingerprinting script
Moat
MyFreeCams
Unknown script found on Pastebin
Paypal Fb.js
Paypal Pa.js
PerimeterX (deobfuscated)
Pixelbundle.js
PopAds.js
Recaptcha.js (no deobfuscation progress)
Fingerprinting script found on Roberts Space Industries game site
shorte.st link shortener
SiftScience
Simility
Sixtufixer malvertising (deobfuscated)
Target antibot (needs to be deobfuscated)
ThreatMetrix (deobfuscated)
TinyPass
VCMedia
Wells Fargo anti-fraud script
WhiteOps
Yandex Metrics

supriyo-biswas/commercial-bot-detectors

commercial-bot-detectors