Bot Audit

We provide a bot audit service for headless browsers. We use an instrumented honeypot site to analyse your bot's behaviour and identify the weaknesses that would allow websites to determine that you are a bot. We provide a detailed report on the detection signals your bot triggers, as well as guidance on how to fix them.

Why Bot Audits Matter

  • Threat Intelligence: In the context of threat intelligence and anti-phishing operations, threat actors can "cloak" their sites from bots. They'll serve benign content to detected bots but deliver phishing pages or malware to real human users. To get accurate threat intelligence, you need your bot to see the actual threat content, not the cloaked benign version.
  • Web Scraping: Sites can block your bot from accessing their content if they detect it as automated. A bot audit helps you identify what makes your bot detectable so you can improve its stealth capabilities.

Our Detection Technology

We run an instrumented honeypot site that performs comprehensive analysis of client sessions:

  • Request Header Analysis: Examination of HTTP headers, user agents, and request characteristics
  • JavaScript Runtime Inspection: Analysis of the JavaScript execution environment, including detection of injected code, as well as specific detections for Playwright, Puppeteer, Selenium, and Chrome Debugging Protocol
  • Security Policy Checks: Detection of disabled TLS certificate validation and of a disabled same-origin policy
  • Network Capability Probes: Testing DNS, IPv6, WebRTC, and Tor hidden service connectivity
  • Browser Feature Detection: Web workers, WebGL, fonts, canvas fingerprinting, and other browser APIs
  • Interaction Analysis: Examination of interaction patterns, timing characteristics, and event handling

Our tooling uses over 200 signals to classify each client session as either a headless browser or a real human user.

What You Get

A Bot Audit from BotForensics gets you:

  • Detailed analysis of the detection signals that your bot triggers
  • Identification of specific weaknesses that make your bot detectable
  • Comparison against real browser characteristics
  • Actionable recommendations for improving your bot's stealth capabilities
  • Technical details on which signals are most critical for detection
  • Guidance on how to address identified weaknesses

How It Works

  1. Point Your Bot: Direct your bot to visit our collector page (if you routinely fetch URLs from VirusTotal or Certificate Transparency (CT) logs, you're probably doing this already)
  2. Automated Analysis: Our instrumented honeypot site collects data about your bot
  3. Signal Processing: We analyse over 200 unique signals to classify your bot
  4. Detailed Reporting: You receive a comprehensive report identifying all detection weaknesses
  5. Improvement Guidance: We provide recommendations on how to address identified issues

Use Cases

Bot Audits are recommended for:

  • Threat intelligence teams who need their bot to bypass cloaking and see actual phishing/malware content
  • Security researchers conducting automated analysis of malicious websites
  • Web scraping operations that need to avoid detection and blocking
  • AI browser developers and users (Comet, Atlas, Dia) who want to understand detection signals
  • Bot developers who want to improve their bot's ability to appear human-like
  • Organisations testing their own bot detection systems