Posted on December 18, 2021 in Security • Tagged with spectre, meltdown, cache-attacks, high-precision-timing, JavaScript • 10 min read
I in this blog post, I am investigating the current state of high precision JavaScript timers. High precision timing techniques were mostly used to launch CPU-level cache attacks such as Spectre and Meltdown from the browser. I am interested in other use cases though...
Posted on February 05, 2021 in Security • Tagged with JavaScript, deviceorientation, devicemotion • 3 min read
Android mobile devices give to any website device orientation and device motion data. This data is quite sensitive in nature and should not be granted to websites without obtaining explicit user consent.
Posted on January 17, 2021 in Security • Tagged with red pill, Bot, Advanced Bots, JavaScript, Puppeteer, Playwright • 6 min read
Advanced bots use modern browsers and automation frameworks such as puppeteer and playwright. It becomes increasingly hard to distinguish bots from real human traffic, therefore, new methods are required.
Posted on January 10, 2021 in Security • Tagged with browser, port scanning, JavaScript • 10 min read
In this article, various techniques to conduct port scanning from within the browser are developed. Modern JavaScript is used.
Posted on December 27, 2020 in JavaScript • Tagged with Adblock Plus, uBlock Origin, Adblock Detection, JavaScript • 5 min read
There are many resources in the Internet that show how to detect uBlock Origin and Adblock Plus. However, after some research, it became clear that most detection methods are unreliable and cease to exist after a while. In this blog article, a reliable detection method for uBlock Origin and Adblock Plus is demonstrated. No external libraries. Just plain and simple JavaScript.
Posted on December 24, 2020 in Programming • Tagged with Behavioral Analysis, JavaScript, Analytics, Mouse, Touch Events, Mobile, visibilitychange • 10 min read
In this blog post, I will introduce a JavaScript library that allows to track various user interactions of website visitors. Several key problems that arise when creating a JavaScript analytics application will be discussed and solved in this blog post.