Loading...
Loading...
Profile a website for bot detection vendors using stealth vs non-stealth Kernel browsers. Use when analyzing bot detection on a website, comparing stealth effectiveness, identifying anti-bot vendors and products, or detecting challenge types.
npx skill4agent add kernel/skills profile-website-bot-detectionjqbrew install jqapt install jqKERNEL_API_KEY# Create stealth browser (with -s flag)
kernel browsers create -s --viewport 1920x1080@25 -t 300
# Save session_id as STEALTH_ID
# Create non-stealth headful browser (no -s flag)
kernel browsers create --viewport 1920x1080@25 -t 300
# Save session_id as NORMAL_IDcd scripts
npm install # first run only
# Test with stealth browser
KERNEL_API_KEY=$KERNEL_API_KEY KERNEL_BROWSER_ID=$STEALTH_ID TARGET_URL=<url> BROWSER_MODE=stealth npm run analyze
# Test with non-stealth browser
KERNEL_API_KEY=$KERNEL_API_KEY KERNEL_BROWSER_ID=$NORMAL_ID TARGET_URL=<url> BROWSER_MODE=normal npm run analyze# Set the hostname folder (e.g., chase-com for chase.com)
HOST=chase-com
# Quick verdict comparison
echo "=== STEALTH VERDICT ===" && cat output/$HOST/stealth/report-*.json | jq '.summary.verdict'
echo "=== NORMAL VERDICT ===" && cat output/$HOST/normal/report-*.json | jq '.summary.verdict'
# Compare block status
echo "=== STEALTH BLOCKED ===" && cat output/$HOST/stealth/report-*.json | jq '.summary | {isBlocked, blockedPages, blockedVendors}'
echo "=== NORMAL BLOCKED ===" && cat output/$HOST/normal/report-*.json | jq '.summary | {isBlocked, blockedPages, blockedVendors}'
# Compare detected vendors
echo "=== STEALTH VENDORS ===" && cat output/$HOST/stealth/report-*.json | jq '.summary.vendorNames'
echo "=== NORMAL VENDORS ===" && cat output/$HOST/normal/report-*.json | jq '.summary.vendorNames'| Scenario | Stealth | Normal | Meaning |
|---|---|---|---|
| No vendors detected | 0 | 0 | Site has no bot detection |
| Same vendors, no blocks | N | N | Bot detection present, both pass |
| Normal blocked, stealth passes | 0 blocks | Blocked | Stealth mode is effective |
| Both blocked | Blocked | Blocked | Bot detection defeats stealth |
| Different challenge types | Lighter | Harder | Stealth reduces suspicion |
## Bot Detection Comparative Analysis: [TARGET_URL]
### Verdict
- **Stealth Browser**: [verdict from summary.verdict]
- **Normal Browser**: [verdict from summary.verdict]
- **Stealth Effectiveness**: [Effective/Ineffective/Inconclusive]
### Block Status
| Browser | Blocked | Block Type | Evidence |
|---------|---------|------------|----------|
| Stealth | [Yes/No] | [blockType or N/A] | [first evidence item] |
| Normal | [Yes/No] | [blockType or N/A] | [first evidence item] |
### Detected Vendors
| Vendor | Stealth | Normal | Products |
|--------|---------|--------|----------|
| [vendor] | ✓/✗ | ✓/✗ | [product list] |
### Analysis
- [Explain what the results mean]
- [Note any differences between stealth and normal]
- [Recommend next steps if blocked]
### Key Findings
1. [Finding 1]
2. [Finding 2]
3. [Finding 3]summary.verdictsummary.isBlockedsummary.blockedPagessummary.vendorNamesvendorDetectionskernel browsers delete -y $STEALTH_ID
kernel browsers delete -y $NORMAL_ID| Vendor | Products Detected |
|---|---|
| Akamai | Bot Manager, Bot Manager Premier, mPulse RUM, Sensor Script, Edge DNS |
| Cloudflare | Bot Management, Turnstile, Challenge Platform, JS Challenge, Managed Challenge |
| DataDome | Interstitial Challenge, Slider Challenge, Device Check, Picasso Fingerprint |
| HUMAN/PerimeterX | Bot Defender, Sensor SDK, Press & Hold Challenge |
| Imperva/Incapsula | Advanced Bot Protection (utmvc), Advanced Bot Protection (reese84), WAF |
| Kasada | IPS (Initial Page Security), FP (Fingerprint Endpoint), Telemetry, POW Challenge |
| reCAPTCHA v2, reCAPTCHA v3, reCAPTCHA Enterprise | |
| hCaptcha | Widget, Enterprise |
| FingerprintJS | Fingerprint Pro, BotD |
| Arkose Labs | FunCaptcha |
_abck__cf_bmdatadome_px*cf-rayx-kpsdk-*x-d-tokendd.t === 'bv'~0~/login/signinscripts/output/<hostname>/<mode>/report-<timestamp>.jsonscreenshot-homepage-<timestamp>.pngscreenshot-login-<timestamp>.pngoutput/chase-com/
├── stealth/
│ ├── report-*.json
│ ├── screenshot-homepage-*.png
│ └── screenshot-login-*.png
└── normal/
├── report-*.json
├── screenshot-homepage-*.png
└── screenshot-login-*.pngsummaryverdictisBlockedvendorNamesblockedPagesvendorDetectionsblockDetectionsvendorScriptsDetectednetworkRequests/networkResponsescookies# Create both browsers
STEALTH_ID=$(kernel browsers create -s --viewport 1920x1080@25 -t 300 -o json | jq -r '.session_id')
NORMAL_ID=$(kernel browsers create --viewport 1920x1080@25 -t 300 -o json | jq -r '.session_id')
echo "Stealth: $STEALTH_ID"
echo "Normal: $NORMAL_ID"
# Run analysis on both
cd scripts
KERNEL_API_KEY=$KERNEL_API_KEY KERNEL_BROWSER_ID=$STEALTH_ID TARGET_URL=chase.com BROWSER_MODE=stealth npm run analyze
KERNEL_API_KEY=$KERNEL_API_KEY KERNEL_BROWSER_ID=$NORMAL_ID TARGET_URL=chase.com BROWSER_MODE=normal npm run analyze
# Output structure:
# ./output/chase-com/stealth/report-*.json
# ./output/chase-com/stealth/screenshot-*.png
# ./output/chase-com/normal/report-*.json
# ./output/chase-com/normal/screenshot-*.png
# Quick comparison - check verdicts
echo "--- Stealth verdict ---"
cat output/chase-com/stealth/report-*.json | jq '.summary.verdict'
echo "--- Normal verdict ---"
cat output/chase-com/normal/report-*.json | jq '.summary.verdict'
# Detailed vendor comparison
echo "--- Stealth vendors ---"
cat output/chase-com/stealth/report-*.json | jq '.summary.vendorNames'
echo "--- Normal vendors ---"
cat output/chase-com/normal/report-*.json | jq '.summary.vendorNames'
# Cleanup
kernel browsers delete -y $STEALTH_ID
kernel browsers delete -y $NORMAL_ID_abckbm_szbm_sv~0~_abck__cf_bmcf_clearance/cdn-cgi/challenge-platform/challenges.cloudflare.com/turnstiledatadomedd.t === 'bv'_px2_px3_pxhd/_Incapsula_Resourcex-d-tokenx-kpsdk-ctx-kpsdk-cdips.js/fp