@niksbanna/bot-detector 1.0.2 → 1.0.4

package/src/signals/automation/PhantomJSSignal.js

@@ -1,137 +0,0 @@
-/**
- * @fileoverview Detects PhantomJS-specific artifacts.
- */
-
-import { Signal } from '../../core/Signal.js';
-
-/**
- * Detects artifacts left by PhantomJS.
- * PhantomJS is an older headless browser that leaves specific traces.
- */
-class PhantomJSSignal extends Signal {
-  static id = 'phantomjs';
-  static category = 'automation';
-  static weight = 1.0;
-  static description = 'Detects PhantomJS automation artifacts';
-
-  async detect() {
-    const indicators = [];
-    let confidence = 0;
-
-    // Check for PhantomJS globals
-    if (window.callPhantom) {
-      indicators.push('callPhantom');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    if (window._phantom) {
-      indicators.push('_phantom');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    if (window.phantom) {
-      indicators.push('phantom');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for PhantomJS in user agent
-    const ua = navigator.userAgent || '';
-    if (ua.includes('PhantomJS')) {
-      indicators.push('phantomjs-ua');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for PhantomJS specific properties
-    if (window.__phantomas) {
-      indicators.push('phantomas');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for CasperJS (built on PhantomJS)
-    if (window.__casper) {
-      indicators.push('casperjs');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    if (window.casper) {
-      indicators.push('casper-global');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for SlimerJS (PhantomJS alternative)
-    if (window.slimer) {
-      indicators.push('slimerjs');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for NightmareJS (Electron-based, similar patterns)
-    if (window.__nightmare) {
-      indicators.push('nightmare');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    if (window.nightmare) {
-      indicators.push('nightmare-global');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for function sources containing PhantomJS
-    try {
-      const funcString = Function.prototype.toString.call(Function);
-      if (funcString.includes('phantom') || funcString.includes('Phantom')) {
-        indicators.push('function-prototype-phantom');
-        confidence = Math.max(confidence, 0.8);
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    // Check for PhantomJS-specific behaviors
-    // PhantomJS has a specific way of handling errors
-    try {
-      throw new Error('test');
-    } catch (e) {
-      const stack = e.stack || '';
-      if (stack.includes('phantom')) {
-        indicators.push('stack-trace-phantom');
-        confidence = Math.max(confidence, 0.9);
-      }
-    }
-
-    // Check for PhantomJS-specific plugin handling
-    if (navigator.plugins && navigator.plugins.length === 0) {
-      // Combined with other PhantomJS indicators
-      if (indicators.length > 0) {
-        indicators.push('no-plugins-phantom');
-        confidence = Math.max(confidence, 0.5);
-      }
-    }
-
-    // Check for specific PhantomJS window properties
-    const phantomProps = [
-      '__PHANTOM__',
-      'PHANTOM',
-      'Buffer', // PhantomJS exposes Node.js Buffer
-      'process', // May expose Node.js process
-    ];
-
-    for (const prop of phantomProps) {
-      if (prop in window && prop !== 'Buffer' && prop !== 'process') {
-        indicators.push(`phantom-prop-${prop.toLowerCase()}`);
-        confidence = Math.max(confidence, 0.9);
-      }
-    }
-
-    // Check for QtWebKit (PhantomJS engine)
-    if (ua.includes('QtWebKit')) {
-      indicators.push('qtwebkit');
-      confidence = Math.max(confidence, 0.7);
-    }
-
-    const triggered = indicators.length > 0;
-
-    return this.createResult(triggered, { indicators }, confidence);
-  }
-}
-
-export { PhantomJSSignal };

package/src/signals/automation/PlaywrightSignal.js

@@ -1,129 +0,0 @@
-/**
- * @fileoverview Detects Playwright-specific artifacts.
- */
-
-import { Signal } from '../../core/Signal.js';
-
-/**
- * Detects artifacts left by Playwright automation.
- * Playwright injects specific objects and leaves traces.
- */
-class PlaywrightSignal extends Signal {
-  static id = 'playwright';
-  static category = 'automation';
-  static weight = 1.0;
-  static description = 'Detects Playwright automation artifacts';
-
-  async detect() {
-    const indicators = [];
-    let confidence = 0;
-
-    // Check for Playwright namespace
-    if (window.__playwright) {
-      indicators.push('playwright-namespace');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for Playwright-injected objects
-    const playwrightGlobals = [
-      '__playwright',
-      '__pw_manual',
-      '__pwInitScripts',
-      'playwright',
-    ];
-
-    for (const global of playwrightGlobals) {
-      if (global in window) {
-        indicators.push(`global-${global}`);
-        confidence = Math.max(confidence, 1.0);
-      }
-    }
-
-    // Check for Playwright's binding pattern
-    if (window.__playwright__binding__) {
-      indicators.push('playwright-binding');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for Playwright-specific user agent markers
-    const ua = navigator.userAgent || '';
-    if (ua.includes('Playwright') || ua.includes('HeadlessChrome')) {
-      indicators.push('playwright-ua-marker');
-      confidence = Math.max(confidence, ua.includes('Playwright') ? 1.0 : 0.7);
-    }
-
-    // Check for navigator.webdriver (Playwright sets this in headless)
-    if (navigator.webdriver === true) {
-      indicators.push('webdriver-flag');
-      confidence = Math.max(confidence, 0.8);
-    }
-
-    // Check for Playwright's evaluate scope pattern
-    try {
-      // Playwright injects __pwBinding__ functions
-      const windowKeys = Object.keys(window);
-      const pwBindings = windowKeys.filter(k => k.startsWith('__pw'));
-      
-      if (pwBindings.length > 0) {
-        indicators.push('pw-bindings');
-        confidence = Math.max(confidence, 1.0);
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    // Check for Playwright's typical initialization patterns
-    if (typeof window.__pw_date_intercepted !== 'undefined') {
-      indicators.push('date-interception');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check for Playwright's geolocation mock
-    if (window.__pw_geolocation__) {
-      indicators.push('geolocation-mock');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check for Playwright's permission override
-    if (window.__pw_permissions__) {
-      indicators.push('permissions-override');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check CDP session artifacts
-    if (window.__cdpSession__) {
-      indicators.push('cdp-session');
-      confidence = Math.max(confidence, 0.8);
-    }
-
-    // Check for error stack traces containing Playwright
-    try {
-      throw new Error('stack trace test');
-    } catch (e) {
-      const stack = e.stack || '';
-      if (stack.includes('playwright') || stack.includes('__pw')) {
-        indicators.push('stack-trace-playwright');
-        confidence = Math.max(confidence, 0.8);
-      }
-    }
-
-    // Check for Playwright's locale/timezone mocking
-    try {
-      const date = new Date();
-      const localeString = date.toLocaleString();
-      // Playwright often mocks timezone
-      if (window.__pwTimezone__) {
-        indicators.push('timezone-mock');
-        confidence = Math.max(confidence, 0.8);
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    const triggered = indicators.length > 0;
-
-    return this.createResult(triggered, { indicators }, confidence);
-  }
-}
-
-export { PlaywrightSignal };

package/src/signals/automation/PuppeteerSignal.js

@@ -1,122 +0,0 @@
-/**
- * @fileoverview Detects Puppeteer-specific artifacts.
- */
-
-import { Signal } from '../../core/Signal.js';
-
-/**
- * Detects artifacts left by Puppeteer automation.
- * Puppeteer leaves various fingerprints in the browser context.
- */
-class PuppeteerSignal extends Signal {
-  static id = 'puppeteer';
-  static category = 'automation';
-  static weight = 1.0;
-  static description = 'Detects Puppeteer automation artifacts';
-
-  async detect() {
-    const indicators = [];
-    let confidence = 0;
-
-    // Check for Puppeteer evaluation script marker
-    if (window.__puppeteer_evaluation_script__) {
-      indicators.push('puppeteer-evaluation-script');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for Puppeteer-injected functions
-    const puppeteerGlobals = [
-      '__puppeteer_evaluation_script__',
-      '__puppeteer',
-      'puppeteer',
-    ];
-
-    for (const global of puppeteerGlobals) {
-      if (global in window) {
-        indicators.push(`global-${global}`);
-        confidence = Math.max(confidence, 1.0);
-      }
-    }
-
-    // Check for HeadlessChrome in user agent (common with Puppeteer)
-    const ua = navigator.userAgent || '';
-    if (ua.includes('HeadlessChrome')) {
-      indicators.push('headless-chrome-ua');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check for Puppeteer's typical Chrome DevTools Protocol artifacts
-    if (window.cdc_adoQpoasnfa76pfcZLmcfl_Array ||
-        window.cdc_adoQpoasnfa76pfcZLmcfl_Promise ||
-        window.cdc_adoQpoasnfa76pfcZLmcfl_Symbol) {
-      indicators.push('cdp-artifacts');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for DevTools protocol detection
-    try {
-      // Puppeteer often leaves eval traces
-      const evalTest = window.eval.toString();
-      if (evalTest.includes('puppeteer')) {
-        indicators.push('eval-puppeteer');
-        confidence = Math.max(confidence, 0.9);
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    // Check for typical Puppeteer page.evaluate patterns in stack traces
-    try {
-      throw new Error('stack trace test');
-    } catch (e) {
-      const stack = e.stack || '';
-      if (stack.includes('puppeteer') || stack.includes('pptr')) {
-        indicators.push('stack-trace-puppeteer');
-        confidence = Math.max(confidence, 0.8);
-      }
-    }
-
-    // Check for Puppeteer's default viewport (800x600)
-    if (window.innerWidth === 800 && window.innerHeight === 600) {
-      // Only weak indicator - could be coincidence
-      indicators.push('default-viewport');
-      confidence = Math.max(confidence, 0.3);
-    }
-
-    // Check for navigator.webdriver (Puppeteer sets this)
-    if (navigator.webdriver === true) {
-      indicators.push('webdriver-flag');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check for binding injection pattern
-    // Puppeteer's exposeFunction creates window bindings
-    // Exclude __zone_symbol__* (Angular/Zone.js) which are benign
-    const suspiciousBindings = Object.keys(window).filter(key => {
-      return key.startsWith('__') &&
-        !key.startsWith('__zone_symbol__') &&
-        typeof window[key] === 'function';
-    });
-
-    if (suspiciousBindings.length > 5) {
-      indicators.push('suspicious-bindings');
-      confidence = Math.max(confidence, 0.5);
-    }
-
-    // Check Chrome object anomalies (Puppeteer headless)
-    // Note: in a normal Chrome page, window.chrome.runtime exists but runtime.id is
-    // only set inside Chrome extensions. Only flag when runtime itself is absent.
-    if (typeof window.chrome !== 'undefined') {
-      if (!window.chrome.runtime) {
-        indicators.push('incomplete-chrome-object');
-        confidence = Math.max(confidence, 0.4);
-      }
-    }
-
-    const triggered = indicators.length > 0;
-
-    return this.createResult(triggered, { indicators }, confidence);
-  }
-}
-
-export { PuppeteerSignal };

package/src/signals/automation/SeleniumSignal.js

@@ -1,151 +0,0 @@
-/**
- * @fileoverview Detects Selenium WebDriver artifacts.
- */
-
-import { Signal } from '../../core/Signal.js';
-
-/**
- * Detects artifacts left by Selenium WebDriver.
- * Selenium leaves various fingerprints in the browser context.
- */
-class SeleniumSignal extends Signal {
-  static id = 'selenium';
-  static category = 'automation';
-  static weight = 1.0;
-  static description = 'Detects Selenium WebDriver artifacts';
-
-  async detect() {
-    const indicators = [];
-    let confidence = 0;
-
-    // Check for navigator.webdriver (standard WebDriver flag)
-    if (navigator.webdriver === true) {
-      indicators.push('webdriver-flag');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for Selenium-specific globals
-    const seleniumGlobals = [
-      '_selenium',
-      'callSelenium',
-      '_Selenium_IDE_Recorder',
-      '__selenium_evaluate',
-      '__selenium_unwrap',
-      '__webdriver_evaluate',
-      '__webdriver_unwrap',
-      '__webdriver_script_function',
-      '__webdriver_script_func',
-      '__fxdriver_evaluate',
-      '__fxdriver_unwrap',
-      'webdriver',
-    ];
-
-    for (const global of seleniumGlobals) {
-      if (global in window) {
-        indicators.push(`global-${global}`);
-        confidence = Math.max(confidence, 1.0);
-      }
-    }
-
-    // Check for Selenium document properties
-    const seleniumDocProps = [
-      '__webdriver_script_fn',
-      '__driver_evaluate',
-      '__webdriver_evaluate',
-      '__selenium_evaluate',
-      '__fxdriver_evaluate',
-      '__driver_unwrap',
-      '__webdriver_unwrap',
-      '__selenium_unwrap',
-      '__fxdriver_unwrap',
-    ];
-
-    for (const prop of seleniumDocProps) {
-      if (prop in document) {
-        indicators.push(`document-${prop}`);
-        confidence = Math.max(confidence, 1.0);
-      }
-    }
-
-    // Check for ChromeDriver artifacts ($cdc variables)
-    const windowKeys = Object.keys(window);
-    
-    // ChromeDriver injects variables starting with $cdc_ or $wdc_
-    const cdcVars = windowKeys.filter(key => 
-      key.startsWith('$cdc_') || 
-      key.startsWith('$wdc_') ||
-      key.startsWith('$chrome_asyncScriptInfo')
-    );
-
-    if (cdcVars.length > 0) {
-      indicators.push('chromedriver-variables');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for GeckoDriver (Firefox) artifacts
-    if (window.webdriverCallback || document.documentElement.getAttribute('webdriver')) {
-      indicators.push('geckodriver-artifacts');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for webdriver in document element attributes
-    try {
-      const docElement = document.documentElement;
-      if (docElement.hasAttribute('webdriver') || 
-          docElement.getAttribute('selenium') ||
-          docElement.getAttribute('driver')) {
-        indicators.push('document-webdriver-attr');
-        confidence = Math.max(confidence, 1.0);
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    // Check for Selenium IDE artifacts
-    if (window.selenium || window.sideex) {
-      indicators.push('selenium-ide');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for navigator.webdriver property descriptor anomalies
-    try {
-      const descriptor = Object.getOwnPropertyDescriptor(Navigator.prototype, 'webdriver');
-      if (descriptor) {
-        // Check if the getter has been modified
-        if (descriptor.get) {
-          const getterStr = descriptor.get.toString();
-          if (!getterStr.includes('[native code]')) {
-            indicators.push('webdriver-getter-modified');
-            confidence = Math.max(confidence, 0.7);
-          }
-        }
-      }
-    } catch (e) {
-      // Ignore errors
-    }
-
-    // Check for driver command executor
-    if (window.domAutomation || window.domAutomationController) {
-      indicators.push('dom-automation');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    // Check for callPhantom alternative used by some Selenium setups
-    if (window.awesomium) {
-      indicators.push('awesomium');
-      confidence = Math.max(confidence, 0.9);
-    }
-
-    // Check for external interface (used by some automation tools)
-    if (window.external && window.external.toString().includes('Selenium')) {
-      indicators.push('external-selenium');
-      confidence = Math.max(confidence, 1.0);
-    }
-
-    const triggered = indicators.length > 0;
-
-    return this.createResult(triggered, { indicators }, confidence);
-  }
-}
-
-export { SeleniumSignal };

package/src/signals/automation/index.js

@@ -1,8 +0,0 @@
-/**
- * @fileoverview Automation signals index.
- */
-
-export { PuppeteerSignal } from './PuppeteerSignal.js';
-export { PlaywrightSignal } from './PlaywrightSignal.js';
-export { SeleniumSignal } from './SeleniumSignal.js';
-export { PhantomJSSignal } from './PhantomJSSignal.js';