Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
@fingerprintjs/botd
Advanced tools
Readme
BotD is an open source library that we created to make it easy for every developer to detect basic bots in their web apps.
It is available under a permissive MIT license and will always be free for developers and commercial use.
For more demanding applications we created a professional API-based bot detection software that is called Fingerprint Pro Bot Detection.
<script>
// Initialize an agent at application startup, once per page/app.
const botdPromise = import('https://openfpcdn.io/botd/v1').then((Botd) => Botd.load())
// Get detection results when you need them.
botdPromise
.then((botd) => botd.detect())
.then((result) => console.log(result))
.catch((error) => console.error(error))
</script>
npm i @fingerprintjs/botd
# or
yarn add @fingerprintjs/botd
import { load } from '@fingerprintjs/botd'
// Initialize an agent at application startup, once per page/app.
const botdPromise = load()
// Get detection results when you need them.
botdPromise
.then((botd) => botd.detect())
.then((result) => console.log(result))
.catch((error) => console.error(error))
Fingerprint Pro Bot Detection is a professional bot detection service that processes all information server-side and transmits it securely to your servers using server-to-server APIs.
Fingerprint Pro Bot Detection provides both browser and server-side APIs that make the process of bot detection fast and secure. When using the Pro Bot Detection, use the browser JavaScript SDK to obtain the requestID value and then verify this value using our server API.
The Pro product combines vast amounts of auxiliary data that bots leak (cursor movements, network overrides, browser changes and more) to be able to reliably deduplicate real users from automated software, resulting in the detection of popular automation tools, their derivatives and plugins.
A big advantage of the Pro detection is that it's able to distinguish good bots from bad ones that allow you to block malicious traffic without blocking search engine crawlers, monitoring workers, etc.
Full product comparison:
Open Source | Pro | |
---|---|---|
Core Features | ||
100% open source | yes | no1 |
Search engine detection works in all modern browsers - see our full list of browsers supported | – | ✓ |
Automation web services detection | – | ✓ |
Automation browser extensions detection | – | ✓ |
Detectable automation tools & frameworks | ||
Headless Browsers (Chrome, Firefox) | ✓ | ✓ |
seleniumHQ/selenium umbrella project encapsulating a variety of tools and libraries enabling web browser automation | ✓ | ✓ |
microsoft/playwright Node.js library to automate Chromium, Firefox and WebKit with a single API | ✓ | ✓ |
ariya/phantomjs headless WebKit scriptable with JavaScript | ✓ | ✓ |
segmentio/nightmare high-level browser automation library | ✓ | ✓ |
electron/electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS | ✓ | ✓ |
laurentj/slimerjs scriptable browser | ✓ | ✓ |
Detectable stealth plugins | ||
berstend/puppeteer-extra/packages/puppeteer-extra-plugin-stealth plugin for puppeteer-extra to prevent detection. | - | ✓ |
microlinkhq/browserless efficient driver for controlling headless browsers built on top of puppeteer developed for scenarios where performance matters | - | ✓ |
ultrafunkamsterdam/undetected-chromedriver optimized Selenium Chromedriver patch which does not trigger anti-bot services | - | ✓ |
MeiK2333/pyppeteer_stealth stealth plugin for pyppeteer | - | ✓ |
Additional Features | ||
Server-side accuracy increase based on additional server-side data, such as TLS crypto support, ipv4/v6 data and others | – | ✓ |
Query API build flexible workflows | – | ✓ |
Operations | ||
Data security | Your infrastructure | Encrypted at rest |
Storage | Your infrastructure | Unlimited up to 1 yr |
Regions | Your infrastructure | Hosting in US, EU and Mumbai |
Compliance | Your infrastructure | GDPR, CCPA compliant2 |
SLA | No SLA | 99.9% Uptime |
Support | GitHub community | Support team via email, chat, and call-back within 1 business day |
1. Pro uses the open source BotD library as well as proprietary technology for increased accuracy and result stability.
2. Fingerprint Pro is GDPR and CCPA compliant as the data processor. You still need to be compliant as the data controller and use the bot detection for fraud prevention under legitimate interest or ask for user consent.
Pro result example:
{
"bot": {
"result": "bad"
"type": "selenium"
}
}
📕 Fingerprint Pro documentation
v0
The library supports all popular browsers. See more details and learn how to run the library in old browsers in the browser support guide.
Thanks to our series B funding, we are happy to provide technical support for our open-source BotD library. We recommend using GitHub Issues to submit bugs or Discussions to ask questions. Using issues and discussions publicly will help the open-source community and other users with similar issues. However, if you require private support, please email us at oss-support@fingerprint.com.
See the contributing guidelines to learn how to start a playground, test and build.
© 2023 FingerprintJS, Inc
FAQs
botd is a browser library for JavaScript bot detection
The npm package @fingerprintjs/botd receives a total of 10,446 weekly downloads. As such, @fingerprintjs/botd popularity was classified as popular.
We found that @fingerprintjs/botd demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.