Home

Awesome

Brotector

Detects or even crashes (❌) webdrivers such as:

For the tests, each webdriver has at least to click the button with the ID clickHere

Detections

<p float="left"> <img src="assets/example_screenshot_headless.png" width="49%" /> <img src="assets/brotector_error_message.png" width="50%" /> </p>

navigator.webdriver

navigator.webdriver (JavaScript) is set to true


runtime.enabled

Runtime is enabled
score here refers to the certainty of the occurs when:


Input.cordinatesLeak

occurs due to crbug#1477537
CDP-Patches can be used to bypass this


window.cdc

a leak specific to chromedriver (selenium)
see stackoverflow-answer


"Input.untrusted"

Mouse event not dispatched by a user detected see Event.isTrusted property


canvasMouseVisualizer

CanvasRenderingContext2D.arc has been called with


UAOverride

navigator.userAgentData.getHighEntropyValues has empty data
(type=HighEntropyValues.empty, UA meaning UserAgent)


SeleniumScriptInjection


PWinitScript


stack.signature

detects injected javascript based on the stack trace in hooks


pdfStyle

a detection regarding PDF rendering, specific to puppeteer github issue or --enable-field-trial-config
Note: There might be false-positives


popupCrash

crashes chrome when automated with playwright or puppeteer due to crbug#340836884 (bypassable for testing ?crash=false)

Contribution

feel free to

Licence

see LICENSE

Author & Copyright

Aurin Aegerter (aka Steve, kaliiiiiiiiii)

Thanks // References