Fingerprinting is a practice in which websites identify a particular browser (and by extension, a particular user) by collecting and combining distinguishing features of the browser and underlying operating system. - Mozilla
A collection of browser fingerprinting projects, research, and resources. Intended as a way to aggregate research surrounding the subject. Please read the contributions section before opening a pull request.
| Library | Description |
|---|---|
| FingerprintJS | FingerprintJS open source library for fingerprinting browsers. |
| CreepJS | A compilation of browser fingerprinting research. |
| Supercookie | Fingerprinting visitors via favicons |
| TorZilla | Fingerprinting Gecko based browsers |
| TLS Fingerprinting | TLS Fingerprinting |
| FingerprintJS BotD | Bot detection library |
| Website Fingerprinting Library | Pytorch-based open-source library for website fingerprinting attacks |
| ThumbmarkJS | Opensource alternative to FingerprintJS |
- AmIUnique
- PixelScan
- tls.peet.ws
- tls.peet.ws (HTTP/3 API) - HTTP/3 version of the peet API
- The Illustrated TLS 1.3 Connection
- DeviceAndBrowserInfo
- BrowserLeaks
- Browserize (privacy check)
- bot-detector - demo of CDP leaks
- Cloudflare connection tool (Enterprise only) - shows CF management score (Enterprise only)
- Brave Farbling demo
- Chrome Extension Fingerprinting
- SneakerDev Discord
- Blog: Detecting Privacy Badger
- Blog: Salesforce TLS Fingerprinting
- Pixel Perfect: Fingerprinting Canvas in HTML5
- Dark Knowledge - A curated library of research papers and presentations for counter-detection and web privacy enthusiasts.
- Picasso: Lightweight Device Class Fingerprinting (Google Research)
- Fingerprinting Evasive Bots
- Blog: How anti-fingerprinting extensions tend to make fingerprinting easier
- Blog: Detecting Headless Browsers
- Blog: Detecting Puppeteer through JS Execution
- Reddit: Inside reCAPTCHA's development
- WebGPU Fingerprinting Attacks
- Who Touched My Browser Fingerprint
- Quantifying the Fingerprintability of Browser Extensions
- Fingerprinting in Style: Detecting Browser Extensions via Injected Style Sheets
- Cookieless Monster
- Blog: Browser Finerprinting via CSS
- Blog: nullpt.rs
- Blog: Detecting residential proxy networks
- Blog: pixelmelt.dev
- Blog: mimic.sbs
- Blog: yog's blog
- Blog: nullpt.rs
- Blog: Antoine Vastel
- Blog: Incolumitas
- Blog: Detecting proxies and VPN with latencies
- Blog: FP.js Audio fingerprinting
- Blog: antibot.blog
- Blog: JA4+ network fingerprinting
- Blog: http2 Fingerprinting
- One Million Site Tracking Measurements
- DeepFPD: Browser Fingerprinting Detection via Deep Learning
- The Devil is in the Details: Detection, Measurement and Lawfulness of Server-Side Tracking on the Web
- steakenthusiast - AST deobfuscation resources
- Bulldozer thesis
- Surreptitious Software by Christian Collberg (ISBN:
0321549252) - Mouse-Synthesizer - The most advanced mouse movement synthesizer based on the human hand biometric theory.
| Library | Description | Language |
|---|---|---|
| FingerprintSuite | Evade browser fingerprinting for headless browsers. | Typescript |
| Undetected Chromedriver | Modified selenium thats intended to bypass common headless browser checks | Python |
| PuppeteerExtra | Puppeteer extensions to evade common detections | Typescript |
| Puppeteer With Fingerprints | Puppeteer library to modify the browser fp | Javascript |
| FakeBrowser | Headless Browser Anti-detect | Javascript |
| JS Shelter | Extension to restrict the information gathered through browser fingerprinting | Javascript |
| Privacy Badger | Extension to block basic fingerprinting techniques | Javascript |
| Chameleon | Deprecated: Extension for blocking browser fingerprinting | Javascript |
| uTLS | TLS Impersonation Library | Golang |
| TLS Client | Built on top of uTLS offers a simpler wrapper with more profiles | Golang |
| Curl Impersonate | TLS Impersonation | Python |
| Reqwest Impersonate | TLS Impersonation | Rust |
| PRIMP | TLS Impersonation | Rust |
| CamouFox | Gecko Based Anti-Detect Browser | C++ |
Contributions are welcome. Please follow the general format when creating a pull request.