Detecting Datacenter/Residential Proxies Part Two

Posted on April 24, 2021 in Security • Tagged with Proxy Detection • 2 min read

Detecting proxys can't be that hard? Can it?


Continue reading

Behavioral Analysis for Bot Detection

Posted on April 11, 2021 in Security • Tagged with Behavioral Analysis, Bot Detection • 4 min read

Behavioral analysis is an interesting approach to detect bots. It surely is not the panacea for bot detection, but it certainly is an useful extension in your bot hunting tool belt.


Continue reading

TCP/IP Fingerprinting for VPN and Proxy Detection

Posted on March 13, 2021 in Security • Tagged with TCP, IP, fingerprinting, Proxy, VPN • 9 min read

TCP/IP fingerprinting is as old as the Internet itself. But this technique seems to have lost it's relevancy in our modern times. However, with the rise of Proxy and VPN Providers, TCP/IP fingerprinting becomes interesting again from a security perspective.


Continue reading

Why does this Website know that I am sitting on the Toilet?

Posted on February 05, 2021 in Security • Tagged with JavaScript, deviceorientation, devicemotion • 4 min read

Android mobile devices give to any website device orientation and device motion data. This data is quite sensitive in nature and should not be granted to websites without obtaining explicit user consent.


Continue reading

Browser Red Pills: Why are you browsing my website from AWS Lambda?

Posted on January 17, 2021 in Security • Tagged with red pill, Bot, Advanced Bots, JavaScript, Puppeteer, Playwright • 10 min read

Advanced bots use modern browsers and automation frameworks such as puppeteer and playwright. It becomes increasingly hard to distinguish bots from real human traffic, therefore, new methods are required.


Continue reading

Browser based Port Scanning with JavaScript

Posted on January 10, 2021 in Security • Tagged with browser, port scanning, JavaScript • 13 min read

In this article, various techniques to conduct port scanning from within the browser are developed. Modern JavaScript is used.


Continue reading