Antibot Detector
Antibot Detector is a free Chrome extension that automatically identifies 26+ security technologies including CAPTCHAs, anti-bot protection systems, and fingerprinting techniques with confidence scoring.
Detection Capabilities
Antibot Detector identifies three main categories of security technologies using multi-layered detection:
CAPTCHA Systems
- reCAPTCHA (v2/v3)
- hCaptcha
- FunCaptcha (Arkose Labs)
- GeeTest
- Cloudflare Turnstile
Anti-Bot Systems
- Cloudflare
- DataDome
- PerimeterX
- Akamai
- Shape Security
- AWS WAF
- Imperva
How It Works
Antibot Detector uses a sophisticated multi-layer detection approach that combines four complementary methods:
DOM Inspection
Scans HTML elements and attributes for telltale signs of CAPTCHA widgets and security scripts embedded in the page structure.
Network Monitoring
Analyzes HTTP headers, cookies, and network requests for security service signatures like challenge tokens and protection markers.
Window Properties
Checks for injected JavaScript objects that anti-bot services add to the browser's global scope for client-side validation.
API Interception
Hooks into browser APIs (Canvas, WebGL, Audio) to detect when fingerprinting techniques are actively collecting device information.
Installation
Choose your preferred installation method below. We recommend downloading from releases for the easiest setup.
What to Expect
Once the extension is published to the Chrome Web Store, installation will be streamlined:
-
Visit the Chrome Web Store
Navigate to the Antibot Detector page on the Chrome Web Store (link will be available once published).
-
Click "Add to Chrome"
A single click will automatically download and install the extension.
-
Confirm Permissions
Chrome will ask you to confirm the extension's required permissions.
-
Start Using Immediately
The extension will be instantly available in your browser - no manual setup required.
- Automatic updates: Get new features and bug fixes without manual downloads
- One-click installation: No need to enable Developer Mode or load unpacked extensions
- Verified by Google: Additional security review by the Chrome Web Store team
- Easy management: Update and uninstall directly from Chrome's extension manager
Step-by-Step Instructions
-
Download the Extension
Visit the GitHub Releases page and download the latest
antibot-detector-vX.X.X.zipfile. -
Extract the ZIP File
Unzip the downloaded file to a permanent location on your computer (e.g.,
~/antibot-detector). Important: Don't delete this folder after installation, as Chrome loads extensions from this location. -
Open Chrome Extensions Page
In Google Chrome, navigate to
chrome://extensions/or click the menu (⋮) → Extensions → Manage Extensions. -
Enable Developer Mode
Toggle the Developer mode switch in the top-right corner of the extensions page.
-
Load the Extension
Click the Load unpacked button and select the extracted folder from step 2.
-
Pin the Extension (Optional)
Click the puzzle piece icon (🧩) in Chrome's toolbar, find "Antibot Detector", and click the pin icon to keep it visible.
Build from Source
- Clone the Repository
- Install Dependencies
-
Build the Extension
This creates a production-ready build in the
dist/directory. -
Load in Chrome
Open Chrome, navigate to
chrome://extensions/, enable Developer Mode, click Load unpacked, and select thedist/folder.
Development Mode
For active development with file watching and automatic reloading:
This watches for file changes and rebuilds automatically. Load the extension from dist/ in Chrome, then reload the extension after each rebuild.
How to Use
Once installed, Antibot Detector works automatically in the background. Here's how to use it effectively:
Browse
Visit any website. Detection runs automatically on page load.
View Results
Click the extension icon to see detected technologies with confidence scores.
Analyze
View history, export data, or use advanced capture tools for specific services.
Reading Detection Results
The extension popup displays detected technologies with the following information:
| Element | Description |
|---|---|
| Service Name | The detected security technology (e.g., "Cloudflare", "reCAPTCHA v3") |
| Confidence Score | Percentage indicating detection certainty (higher = more confident). Scores combine evidence from multiple detection methods. |
| Category Badge | Color-coded badge: CAPTCHA, Anti-Bot, or Fingerprinting |
| Detection Methods | Expandable details showing which methods triggered (DOM, cookies, headers, etc.) |
Key Features
Multi-Layer Detection
Four detection methods working together for maximum accuracy:
- DOM Inspection: Scans HTML elements for CAPTCHA widgets
- Network Monitoring: Analyzes HTTP headers and cookies
- JavaScript API Hooks: Intercepts fingerprinting attempts
- Window Properties: Detects injected security objects
Optimized Performance
Built for speed with minimal browser overhead:
- 12-hour caching: Results cached per domain
- LRU pattern cache: 60-80% faster pattern matching
- Early-exit detection: Stops once match found
- ~80% cache hit rate: Typical performance metric
Detection History
Track detections across all your browsing sessions:
- Session tracking: View all past detections by website
- Filtering: Search by domain or technology type
- Export: Save results as JSON for analysis
- Configurable retention: Set history limit in settings
Advanced Capture Tools
Specialized tools for deep analysis of specific services:
- reCAPTCHA: Extract sitekey and selectors
- Akamai: Capture sensor data for analysis
- Imperva: Extract challenge parameters
- Shape Security: Analyze protection layers
Customizable Rules
Tailor detection to your specific needs:
- Rules Editor: Create custom detection patterns
- Import/Export: Share rules with your team
- URL Blacklist: Exclude specific domains from detection
- JSON-based: Easy to modify and extend
Privacy-First Design
Your data stays private:
- No data collection: Zero telemetry or analytics
- 100% local processing: Everything runs in your browser
- No external requests: No data sent to external servers
- Open source: Fully auditable code on GitHub
Common Use Cases
Scenario: You're planning to scrape a website and need to know what security challenges to expect.
How Antibot Detector Helps:
- Quickly identify which anti-bot systems are protecting the site
- Determine if CAPTCHAs are present (and which type)
- Detect fingerprinting techniques that may block automated browsers
- Plan your scraping strategy based on detected technologies
Scenario: You're auditing a website's security posture as part of a penetration test.
How Antibot Detector Helps:
- Catalog all security layers protecting the application
- Identify potential gaps in bot protection coverage
- Document security technologies for reports
- Compare security implementations across different pages
Scenario: You want to understand what security technologies competitors are using.
How Antibot Detector Helps:
- Quickly survey security stacks across multiple competitor sites
- Identify industry trends in anti-bot adoption
- Export historical data for trend analysis
- Benchmark your own security against competitors
Scenario: You're learning about web security and want to understand how anti-bot systems work in practice.
How Antibot Detector Helps:
- See real-world examples of security technologies in action
- Understand which detection methods reveal each technology
- Compare different implementations across websites
- Learn by examining the open-source detection logic
Troubleshooting
Possible Causes:
- The website genuinely has no detectable anti-bot technologies
- Detection hasn't completed yet (wait a few seconds after page load)
- Extension is disabled or not properly loaded
Solutions:
- Refresh the page and wait 3-5 seconds for detection to complete
- Verify the extension is enabled at
chrome://extensions - Check the browser console for errors (F12 → Console tab)
- Try a known-protected site like nike.com (has Akamai) or ticketmaster.com (has Cloudflare + Queue-it)
Explanation: First-time detection on a domain takes longer because the cache is empty. Subsequent visits to the same domain will be much faster (typically <1 second) due to 12-hour caching.
Expected Performance:
- First visit: 2-4 seconds (building cache)
- Cached visits: <1 second (instant results)
- Cache hit rate: ~80% for typical browsing patterns
Note: Complex pages with many scripts may take slightly longer on first detection.
Common Issues:
- Chrome Version: Ensure you're using Chrome 88+ (Manifest V3 requirement)
- Folder Deleted: The extension folder must remain in its original location
- Permissions: Check file permissions allow Chrome to read the extension files
- Conflicting Extensions: Other extensions may interfere (try disabling temporarily)
Reset Steps:
- Remove the extension from
chrome://extensions - Delete and re-download/re-extract the extension files
- Follow the installation steps again carefully
- Check Chrome console for specific error messages
Why This Happens:
- Anti-bot services constantly evolve their implementations
- Some services use conditional loading (only appear for suspicious traffic)
- Detection rules may need updates for new service versions
How to Help:
- Report false positives: Open a GitHub issue with the URL and detected technology
- Report missing detections: Include the URL and which technology you know is present
- Contribute rules: Submit a pull request with updated detection JSON files
Detection accuracy improves with community contributions!
Frequently Asked Questions
Yes! Antibot Detector is 100% free for personal and non-profit use under the NPOSL-3.0 License.
Commercial use (e.g., using it as part of paid services or within a company) requires a separate commercial license. Contact legal@scrapfly.io for commercial licensing inquiries.
Absolutely not. Antibot Detector is designed with privacy as a core principle:
- ✅ 100% local processing - all detection happens in your browser
- ✅ No telemetry - zero analytics, tracking, or data collection
- ✅ No external requests - doesn't communicate with any external servers
- ✅ Open source - you can audit the entire codebase on GitHub
Your browsing data and detection results never leave your computer.
Currently, Antibot Detector is Chrome-only (and Chromium-based browsers like Edge, Brave, Vivaldi).
Why Chrome-only? The extension uses Chrome's Manifest V3 API, which provides the best security and performance. While technically possible to port to Firefox, it would require significant adaptation due to Firefox's different extension architecture.
Community contributions welcome: If you're interested in porting to Firefox, feel free to fork the repo and submit a pull request!
License Requirement: Commercial use requires a separate license. However, Antibot Detector is best used as a reconnaissance tool, not for production scraping.
Better Solution for Commercial Scraping:
- Use Antibot Detector to identify what protection a site uses
- Use Scrapfly's API to bypass those protections automatically
- Scrapfly handles Cloudflare, DataDome, PerimeterX, Akamai, and more out-of-the-box
This workflow (detect → bypass with Scrapfly) is much more reliable than trying to build custom bypass logic for each anti-bot system.
Detection accuracy varies by technology type:
| Category | Typical Accuracy | Notes |
|---|---|---|
| CAPTCHA | 95%+ | Very high accuracy due to distinctive DOM elements and scripts |
| Anti-Bot | 85-90% | Good accuracy, but some services use obfuscation |
| Fingerprinting | 80-85% | Harder to detect passive fingerprinting; works best for active techniques |
Confidence scores help you gauge reliability - higher scores (80%+) indicate very reliable detection.
Yes! Antibot Detector supports custom detection rules through the built-in Rules Editor:
- Click the extension icon → Settings
- Navigate to Rules Editor
- Create a new JSON rule file or edit existing ones
- Use the Import/Export feature to share rules with your team
Rule Structure: Detection rules are JSON-based and specify patterns for cookies, DOM elements, URLs, headers, and more.
Contribute: If you create rules for a new anti-bot service, please consider submitting them as a PR to help the community!
Antibot Detector is actively maintained with updates based on:
- New anti-bot services: Rules added as new technologies emerge
- Service updates: Existing rules updated when services change their implementations
- Bug fixes: Issues reported by the community are addressed promptly
- Performance improvements: Ongoing optimizations to detection speed
Stay updated: Watch the GitHub repository for release notifications, or check the Releases page for changelog details.
Auto-updates: Once the extension is published to the Chrome Web Store, it will update automatically. For now, manual updates are required (re-download and load unpacked).
Contributing
Antibot Detector is open source and welcomes community contributions! Here's how you can help:
Add New Detectors
Found an anti-bot service we don't detect yet?
- Create a JSON detector file in
detectors/ - Specify detection patterns (cookies, DOM, headers, etc.)
- Include confidence scores per method
- Add test cases and documentation
- Submit a pull request!
Report Issues
Found a bug or false detection?
- Check existing issues first
- Include the URL where the issue occurs
- Describe expected vs. actual behavior
- Attach screenshots if relevant
- Include Chrome version and extension version