### Example Integration of Crypto Helpers Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/crypto-helpers.md Shows a comprehensive example of integrating various crypto helpers, including hashing, Brave browser detection, and engine-specific logic. ```javascript import { hashMini, hashify, IS_BLINK, braveBrowser, getBraveMode, } from './utils/helpers' import { hashify } from './utils/crypto' // Quick hash for comparison const quickHash = hashMini(fingerprint) // Cryptographic hash for storage const secureHash = await hashify(fingerprint) // Browser detection const isBrave = await braveBrowser() if (isBrave) { const mode = getBraveMode() if (mode.strict) { console.log('Brave Strict mode - reduced fingerprint entropy') } } // Engine-specific logic if (IS_BLINK) { // Chrome/Edge/Brave specific code } ``` -------------------------------- ### Complete Usage Flow Example Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/index.md Demonstrates the complete usage flow of CreepJS, including importing necessary modules, performing fingerprinting tests, and hashing the results. This example shows how to collect navigator, screen, and WebGL data. ```javascript import { attempt, timer, hashify, } from './utils' import getNavigator from './navigator' import getScreen from './screen' import getCanvasWebgl from './webgl' const perfTimer = timer('Fingerprinting start') const [ navigator, screen, webgl, ] = await Promise.all([ getNavigator(workerData), getScreen(), getCanvasWebgl(), ]) const elapsed = perfTimer('Fingerprinting complete') // Hash results const [navHash, screenHash, webglHash] = await Promise.all([ hashify(navigator), hashify(screen), hashify(webgl), ]) console.log(`Completed in ${elapsed}ms`) console.log(`Navigator hash: ${navHash}`) console.log(`Screen hash: ${screenHash}`) console.log(`WebGL hash: ${webglHash}`) ``` -------------------------------- ### Example Usage of getResistance Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Demonstrates how to import and use the getResistance function to retrieve and log browser privacy and security information. This is a basic client-side integration example. ```javascript import getResistance from './resistance' const resistance = await getResistance() if (resistance.privacy) { console.log(`Privacy protection: ${resistance.privacy}`) if (resistance.mode) { console.log(` Mode: ${resistance.mode}`) } } if (resistance.timerPrecision.protection) { console.log(`Timer precision protection enabled`) console.log(` Precision: ${resistance.timerPrecision.precision}ms`) } console.log(`JS Engine: ${resistance.engine}`) ``` -------------------------------- ### Example Usage of getScreen Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Demonstrates how to import and use the getScreen function to retrieve and log screen properties. ```javascript import getScreen from './screen' const screen = await getScreen() if (screen) { console.log(`Display: ${screen.width}x${screen.height}`) console.log(`Available: ${screen.availWidth}x${screen.availHeight}`) console.log(`Color Depth: ${screen.colorDepth} bits`) console.log(`Pixel Ratio: ${screen.devicePixelRatio}`) console.log(`Touch: ${screen.touch ? 'Yes' : 'No'}`) console.log(`Spoofed: ${screen.lied}`) } ``` -------------------------------- ### Example Usage of getLies Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/lies-detection.md Demonstrates how to import and use the getLies function to retrieve detected lies, including total count, a list of lied properties, and detailed explanations for each lie. ```javascript import { getLies, documentLie } from './lies' // Get all detected lies const lies = await getLies() console.log('Total lies detected:', lies.totalLies) console.log('Lie list:', lies.lieList) console.log('Lie detail:', lies.lieDetail) // Example output: // { // totalLies: 3, // lieList: ['Navigator.userAgent', 'Screen.width', 'Window.devicePixelRatio'], // lieDetail: { // 'Navigator.userAgent': ['spoofed by extension'], // 'Screen.width': ['mismatch with CSS media query'], // 'Window.devicePixelRatio': ['invalid value'] // } // } ``` -------------------------------- ### Example Usage of getMedia Function Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Demonstrates how to import and use a `getMedia` function to retrieve media capabilities and check for spoofing. ```javascript import getMedia from './media' const media = await getMedia() if (media) { console.log(`MIME Types: ${media.mimeTypes.length}`) // Check video codec support if (media.videoCodecs.h264) console.log('H.264 supported') if (media.videoCodecs.vp9) console.log('VP9 supported') // Check audio codec support if (media.audioCodecs.opus) console.log('Opus audio supported') if (media.audioCodecs.aac) console.log('AAC supported') console.log(`Spoofed: ${media.lied}`) console.log(`Hash: ${media.$hash}`) } ``` -------------------------------- ### Spawn Worker Example Usage Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/worker.md Example of how to use the spawnWorker function and conditionally exit if running in a worker thread. ```javascript const scope = await spawnWorker() if (scope == Scope.WORKER) { return // Exit if running in worker } // Continue with main thread fingerprinting ``` -------------------------------- ### Worker Module Example Usage Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/worker.md Demonstrates importing and using spawnWorker and getBestWorkerScope to collect fingerprinting data. ```javascript import { spawnWorker, getBestWorkerScope, Scope } from './worker' const scope = await spawnWorker() if (scope == Scope.WORKER) { return } const workerData = await getBestWorkerScope() console.log(workerData.platform) // "MacIntel" or "Win32" console.log(workerData.gpu.compressedGPU) // "Intel Iris Pro Graphics" console.log(workerData.lied) // boolean - prototype tampering detected console.log(workerData.$hash) // SHA-256 hash ``` -------------------------------- ### PlatformClassifier Usage Example Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/crypto-helpers.md Demonstrates how to import and use the PlatformClassifier enum, assigning a platform value. ```javascript import { PlatformClassifier } from './utils/types' const platform = PlatformClassifier.WINDOWS ``` -------------------------------- ### Example Usage of getHeadlessFeatures Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Demonstrates how to import and use the getHeadlessFeatures function to detect headless browser indicators and log the results. ```javascript import getHeadlessFeatures from './headless' const headless = await getHeadlessFeatures({ webgl: webglData, workerScope: workerData, }) if (headless) { console.log('Headless indicators:') Object.entries(headless.likeHeadless).forEach(([key, value]) => { if (value) console.log(` ${key}: yes`) }) if (Object.values(headless.headless).some(v => v)) { console.log('Likely headless browser detected') } } ``` -------------------------------- ### Proxy Handler for Prototype Modification Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/lies-detection.md Illustrates detecting prototype modifications using Proxy handlers. This example shows how a 'get' trap can intercept and return a spoofed value for the 'platform' property of the Navigator object. ```javascript // Detected by checking handler traps new Proxy(navigator, { get: (target, prop) => { if (prop === 'platform') return 'spoofed' return target[prop] } }) ``` -------------------------------- ### Example Usage of Audio Fingerprinting Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Demonstrates how to import and use the audio fingerprinting functions to gather audio context data and check for fake audio and AudioWorklet support. ```javascript import getOfflineAudioContext from './audio' const audio = await getOfflineAudioContext() if (audio) { console.log('Sample Rate:', audio.sampleRate, 'Hz') console.log('Frequency Bins:', audio.frequencies.length) console.log('Fake Audio:', audio.fakeAudio) console.log('AudioWorklet:', audio.audioWorkletSupported ? 'Yes' : 'No') console.log('Hash:', audio.$hash) } ``` -------------------------------- ### Integration Example with Headless Features Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Combines detection of privacy resistance and headless browser features. It checks for privacy protection levels and likelihood of being a headless environment. ```javascript import getHeadlessFeatures from './headless' import getResistance from './resistance' // Check if environment is protected const [headless, resistance] = await Promise.all([ getHeadlessFeatures({ webgl, workerScope }), getResistance(), ]) const isPrivacyProtected = ( resistance.privacy === 'Tor Browser' || resistance.privacy === 'Firefox (RFP)' || (resistance.privacy === 'Brave' && resistance.mode === 'strict') ) const likelyHeadless = Object.values(headless.likeHeadless).some(v => v) console.log('Privacy Protection:', isPrivacyProtected) console.log('Headless Browser:', likelyHeadless) ``` -------------------------------- ### Example of Font Spoofing Detection Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md An example illustrating how to detect font spoofing by checking if a Windows 11 system incorrectly reports having only Windows 7 fonts. ```javascript // Windows 11 claims to have fonts from Windows 7 only if (claimedWindows11 && !hasSegoeFluentIcons) { documentLie('Fonts', 'Windows version mismatch') } ``` -------------------------------- ### Example Usage of getFonts Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Demonstrates how to import and use the getFonts function, then log the number of detected fonts, platform version, and spoofing status. It also shows how to infer OS versions from specific font presence. ```javascript import getFonts from './fonts' const fonts = await getFonts() if (fonts) { console.log('Detected Fonts:', fonts.fontFaceLoadFonts.length) console.log('Platform Version:', fonts.platformVersion) // Detect Windows version if (fonts.fontFaceLoadFonts.includes('Segoe Fluent Icons')) { console.log('Windows 11 detected') } // Detect macOS version if (fonts.fontFaceLoadFonts.includes('Galvji')) { console.log('macOS 10.15 or later detected') } console.log('Spoofed:', fonts.lied) console.log('Hash:', fonts.$hash) } ``` -------------------------------- ### Example Usage of getNavigator Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/navigator.md Demonstrates how to use the getNavigator function with worker scope data to retrieve and log navigator properties, including platform, system, and lie detection status. ```javascript const workerData = await getBestWorkerScope() const navigatorData = await getNavigator(workerData) console.log(navigatorData.platform) // "MacIntel" or "Win32" etc console.log(navigatorData.system) // "macOS" or "Windows" etc console.log(navigatorData.lied) // boolean console.log(navigatorData.$hash) // SHA-256 hash of entire object ``` -------------------------------- ### Example Usage of getBraveMode Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/crypto-helpers.md Illustrates how to use the getBraveMode function and react to different privacy settings, such as logging when strict mode is enabled. ```javascript const braveMode = getBraveMode() if (braveMode.strict) { console.log('Strict privacy mode enabled') // Entropy is reduced } else if (braveMode.standard) { console.log('Standard privacy mode') } ``` -------------------------------- ### Example Usage of WebGL Detection Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/webgl.md Demonstrates how to import and use the `getCanvasWebgl` function to detect WebGL availability and gather GPU information. It logs details like vendor, extensions, parameters, and spoofing detection status. ```javascript import getCanvasWebgl from './webgl' const webgl = await getCanvasWebgl() if (!webgl) { console.log('WebGL unavailable or blocked') } else { console.log('GPU Vendor:', webgl.gpu.compressedGPU) console.log('Extensions:', webgl.extensions.length) console.log('Parameters:', Object.keys(webgl.parameters).length) console.log('Confidence:', webgl.gpu.confidence) console.log('Spoofing Detected:', webgl.lied) console.log('Hash:', webgl.$hash) } ``` -------------------------------- ### Canvas Data URI Format Example Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/canvas.md Illustrates the expected format of canvas data URIs, which are in PNG format. This can be useful for debugging or manual inspection. ```text data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA... ``` -------------------------------- ### Loose Fingerprint Structure (window.Fingerprint) Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Example structure of the complete fingerprint data, including individual component hashes. Contains all collected data. ```javascript window.Fingerprint = { workerScope: { deviceMemory: 8, hardwareConcurrency: 8, platform: "MacIntel", system: "macOS", gpu: { confidence: "high", compressedGPU: "Apple M1" }, $hash: "a3c5b2d1..." }, navigator: { platform: "MacIntel", device: "MacBook", userAgent: "Mozilla/5.0 (Macintosh...", $hash: "b2d1e3f4..." }, canvas2d: { dataURI: "data:image/png;base64,...", textMetricsSystemSum: 12345, $hash: "c1d2e3f4..." }, canvasWebgl: { parameters: { /* 40+ params */ }, gpu: { confidence: "high", compressedGPU: "Apple M1" }, $hash: "d2e3f4a5..." }, // ... 15+ more properties } ``` -------------------------------- ### Example Usage of Canvas Fingerprinting Test Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/canvas.md Demonstrates how to import and use the getCanvas2d function to perform canvas fingerprinting tests and log the results. Ensure the './canvas' module is correctly imported. ```javascript import getCanvas2d from './canvas' const canvas2d = await getCanvas2d() if (!canvas2d) { console.log('Canvas test failed') } else { console.log('Data URI:', canvas2d.dataURI) console.log('Text Metrics Sum:', canvas2d.textMetricsSystemSum) console.log('Emoji Set:', canvas2d.emojiSet) console.log('Spoofing Detected:', canvas2d.lied) console.log('Hash:', canvas2d.$hash) } ``` -------------------------------- ### Get Supported WebGL Extensions Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/webgl.md Retrieves a list of all supported WebGL extensions for the current context. This is useful for understanding the capabilities of the user's GPU and browser environment. ```javascript const extensions = gl.getSupportedExtensions() ``` -------------------------------- ### Usage of getBraveUnprotectedParameters Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/crypto-helpers.md Example of how to use getBraveUnprotectedParameters when Brave's strict mode is detected to filter sensitive GPU parameters. ```javascript if (braveMode.strict) { const safeParams = getBraveUnprotectedParameters(gpuParameters) // Use only parameters not blocked by Brave } ``` -------------------------------- ### CreepJS Errors Module Usage Example Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/errors.md Demonstrates importing and using multiple functions from the Errors module for safe API exploration and performance measurement. ```javascript import { attempt, caniuse, timer, getCapturedErrors } from './errors' const timer = timer('Running tests') // Safe property access const screen = attempt(() => window.screen) const fontList = caniuse(() => document, ['fonts', 'ready']) // Safe method calls const mediaDevices = caniuse( () => navigator, ['mediaDevices', 'enumerateDevices'], [], true ) const elapsed = timer('Tests done') const errors = getCapturedErrors() ``` -------------------------------- ### Stable Fingerprint Structure (window.Creep) Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Example structure of the filtered, production-friendly fingerprint data. Contains only selective and trusted properties. ```javascript window.Creep = { navigator: { device: "MacBook", platform: "MacIntel", userAgentData: { brands: ["Google Chrome", "Chromium"], platform: "macOS", architecture: "arm64" } }, screen: { width: 1920, height: 1200, colorDepth: 24 }, canvasWebgl: { parameters: { UNMASKED_RENDERER_WEBGL: "Apple M1", UNMASKED_VENDOR_WEBGL: "Apple Inc." } }, fonts: ["Arial", "Helvetica", "Times New Roman"], // ... selective properties only } ``` -------------------------------- ### Scope Usage Example Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/types.md Shows how to check the current execution scope. If the scope is identified as a worker, the function returns, preventing execution in the main thread. ```javascript const scope = await spawnWorker() if (scope == Scope.WORKER) { return // Exit worker context } ``` -------------------------------- ### Function Wrapping for Prototype Modification Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/lies-detection.md Demonstrates detecting prototype modifications through function wrapping, specifically by checking the `toString()` output of a property. This example modifies the 'platform' getter on Navigator.prototype. ```javascript // Detected by toString() mismatch const originalPlatform = Object.getOwnPropertyDescriptor(Navigator.prototype, 'platform') Object.defineProperty(Navigator.prototype, 'platform', { get: () => 'spoofed' }) ``` -------------------------------- ### Prototype Chain Injection Detection Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/lies-detection.md Shows how prototype chain injection can be detected by observing failures in expected TypeError checks. This example adds a 'platform' getter to Object.prototype. ```javascript // Detected by error handling tests Object.defineProperty(Object.prototype, 'platform', { get: () => 'spoofed' }) ``` -------------------------------- ### Asynchronously Get Fingerprint Results Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md A more robust method to retrieve fingerprint results by checking for their availability in a loop with a timeout. Throws an error if fingerprinting does not complete within the specified time. ```javascript async function getFingerprintResult(timeout = 5000) { const startTime = Date.now() while (Date.now() - startTime < timeout) { if (window.Fingerprint && window.Creep) { return { fingerprint: window.Fingerprint, creep: window.Creep, } } await new Promise(resolve => setTimeout(resolve, 50)) } throw new Error('Fingerprinting timeout') } const { fingerprint, creep } = await getFingerprintResult() ``` -------------------------------- ### JavaScript Example for Detecting Math Object Differences Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/additional-modules.md This JavaScript code snippet demonstrates how to detect differences in Math object behavior by calling various Math functions with specific inputs and comparing their results. Differences may indicate spoofing or engine-specific precision. ```javascript const data = { acos: Math.acos(0.5), asin: Math.asin(0.5), atan: Math.atan(1), cos: Math.cos(1), sin: Math.sin(1), tan: Math.tan(1), tan2: Math.tan(0), exp: Math.exp(1), expm1: Math.expm1(0), log: Math.log(Math.E), log1p: Math.log1p(0), log2: Math.log2(2), log10: Math.log10(10), cbrt: Math.cbrt(8), sqrt: Math.sqrt(4), pow: Math.pow(2, 8), hypot: Math.hypot(3, 4), } ``` -------------------------------- ### Get Available Fonts Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Retrieves a list of available fonts on the system, along with platform version and lie detection status. This function is useful for identifying the operating system and its version based on installed fonts. ```typescript async function getFonts(): Promise ``` -------------------------------- ### Measure Elapsed Time with Timer Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/errors.md The `timer` function returns a utility to measure elapsed time using `performance.now()`. Call it with an optional start message, and the returned function with an optional end message to get the duration in milliseconds. ```typescript function timer(logStart?: string): (logEnd?: string) => number ``` ```javascript const timer = timer('Starting fingerprint test') // ... do work ... const elapsedMs = timer('Test complete') // Returns elapsed time console.log(`Completed in ${elapsedMs}ms`) ``` -------------------------------- ### Get Fingerprint After Load Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/REFERENCE_SUMMARY.md Retrieves the fingerprint object and Creep instance after the page has loaded. ```javascript const fp = window.Fingerprint const creep = window.Creep ``` -------------------------------- ### getLies Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/lies-detection.md Detects all prototype-level tampering in the current JavaScript context and returns a detailed report. ```APIDOC ## getLies ### Description Detects all prototype-level tampering in the current context. ### Method `async` ### Returns Object containing all detected lies: ```typescript interface LiesData { totalLies: number // Count of detected lies lieDetail: Record // Detailed lie documentation lieList: string[] // Sorted list of lie names lieCount: Record // Count per category $hash: string // SHA-256 hash } ``` ``` -------------------------------- ### Create and Render Canvas Pattern Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/canvas.md This snippet demonstrates how to create a canvas element, set its dimensions, and render a test pattern including text. It captures the result as a data URI. ```javascript const canvas = document.createElement('canvas') canvas.width = 280 canvas.height = 60 const context = canvas.getContext('2d', { willReadFrequently: true }) // Render test pattern context.textBaseline = 'top' context.font = '15px "Arial"' context.textBaseline = 'alphabetic' context.fillStyle = '#f60' context.fillRect(125, 1, 62, 20) context.fillStyle = '#069' context.fillText('π•Ώπ–”π–Œπ–Šπ–™π–π–Šπ–—', 2, 15) // Capture as data URI const dataURI = canvas.toDataURL() ``` -------------------------------- ### Render Test Pattern and Capture Pixels Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/webgl.md Sets up a WebGL canvas, renders a simple triangle, and captures the resulting pixel data using gl.readPixels. ```javascript // Create canvas and context const canvas = document.createElement('canvas') canvas.width = 256 canvas.height = 256 const gl = canvas.getContext('webgl') // Render test pattern (geometry) const vertices = [ -0.5, -0.5, // bottom-left 0.5, -0.5, // bottom-right 0.0, 0.5, // top ] const vertexBuffer = gl.createBuffer() gl.bindBuffer(gl.ARRAY_BUFFER, vertexBuffer) gl.bufferData(gl.ARRAY_BUFFER, new Float32Array(vertices), gl.STATIC_DRAW) // Set shader program gl.useProgram(shaderProgram) gl.clearColor(0.0, 0.0, 0.0, 1.0) gl.clear(gl.COLOR_BUFFER_BIT) gl.drawArrays(gl.TRIANGLES, 0, 3) // Capture pixels const pixels = new Uint8ClampedArray(256 * 256 * 4) gl.readPixels(0, 0, 256, 256, gl.RGBA, gl.UNSIGNED_BYTE, pixels) ``` -------------------------------- ### Build Commands Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Commands to build the CreepJS project for development or production. ```bash pnpm build:dev # Development build (tsconfig.build.json) pnpm build:js # Production rollup build pnpm build # Full build (JS + CSS) ``` -------------------------------- ### getScreen() Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Analyzes screen/display properties including dimensions, color depth, pixel density, and touch capabilities. Detects spoofing through matchMedia validation. ```APIDOC ## getScreen() ### Description Analyzes screen/display properties including dimensions, color depth, pixel density, and touch capabilities. Detects spoofing through matchMedia validation. ### Method GET ### Endpoint /screen ### Parameters #### Query Parameters - **log** (boolean) - Optional - Whether to log timing information ### Response #### Success Response (200) - **width** (number) - Screen width in pixels - **height** (number) - Screen height in pixels - **availWidth** (number) - Available width (minus taskbar) - **availHeight** (number) - Available height (minus taskbar) - **colorDepth** (number) - Color depth (24 or 32) - **pixelDepth** (number) - Pixel depth - **devicePixelRatio** (number) - Device pixel ratio (DPR) - **touch** (boolean) - Touch capability - **lied** (boolean) - Spoofing detected - **$hash** (string) - SHA-256 hash ### Response Example { "example": { "width": 1920, "height": 1080, "availWidth": 1920, "availHeight": 1040, "colorDepth": 24, "pixelDepth": 24, "devicePixelRatio": 1, "touch": false, "lied": false, "$hash": "example_hash" } } ### Example Usage ```javascript import getScreen from './screen' const screen = await getScreen() if (screen) { console.log(`Display: ${screen.width}x${screen.height}`) console.log(`Available: ${screen.availWidth}x${screen.availHeight}`) console.log(`Color Depth: ${screen.colorDepth} bits`) console.log(`Pixel Ratio: ${screen.devicePixelRatio}`) console.log(`Touch: ${screen.touch ? 'Yes' : 'No'}`) console.log(`Spoofed: ${screen.lied}`) } ``` ``` -------------------------------- ### Get Unmasked Vendor and Renderer Info Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/webgl.md Uses the WEBGL_debug_renderer_info extension to retrieve the unmasked vendor and renderer strings from the WebGL context. ```javascript const rendererInfo = gl.getExtension('WEBGL_debug_renderer_info') const vendor = gl.getParameter(rendererInfo.UNMASKED_VENDOR_WEBGL) const renderer = gl.getParameter(rendererInfo.UNMASKED_RENDERER_WEBGL) // Example values: // vendor: "Google Inc." | "Apple Inc." | "Intel Inc." // renderer: "ANGLE (Intel HD Graphics 630)" | "Apple M1" | "Mali-T830" ``` -------------------------------- ### getMedia() Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Detects media types, codecs, and audio/video support to fingerprint browser capabilities and detect spoofing of media APIs. ```APIDOC ## getMedia() ### Description Detects media types, codecs, and audio/video support to fingerprint browser capabilities and detect spoofing of media APIs. ### Method GET ### Endpoint /media ### Response #### Success Response (200) - **mimeTypes** (MimeTypeData[]) - Supported MIME types - **canPlayType** (Record) - Audio/video codec support - **mediaSource** (string[]) - Supported MediaSource types - **videoCodecs** (object) - Video capabilities - **h264** (boolean) - **vp8** (boolean) - **vp9** (boolean) - **hevc** (boolean) - **av1** (boolean) - **audioCodecs** (object) - Audio capabilities - **mp3** (boolean) - **aac** (boolean) - **opus** (boolean) - **vorbis** (boolean) - **flac** (boolean) - **lied** (boolean) - Spoofing detected - **$hash** (string) - SHA-256 hash ### Response Example { "example": { "mimeTypes": [ { "type": "video/mp4", "suffixes": "mp4,m4v" } ], "canPlayType": { "video/mp4; codecs=\"avc1.42E01E\"": "probably", "audio/ogg; codecs=\"opus\"": "probably" }, "mediaSource": [ "probably" ], "videoCodecs": { "h264": true, "vp8": false, "vp9": false, "hevc": false, "av1": false }, "audioCodecs": { "mp3": true, "aac": true, "opus": false, "vorbis": false, "flac": false }, "lied": false, "$hash": "example_hash" } } ``` -------------------------------- ### Collected Screen Properties Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Illustrates how to access and collect basic screen properties from the window.screen object. ```javascript const s = window.screen const data = { width: s.width, height: s.height, availWidth: s.availWidth, availHeight: s.availHeight, colorDepth: s.colorDepth, pixelDepth: s.pixelDepth, touch: hasTouch(), } ``` -------------------------------- ### Get Browser Resistance Data Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Fetches comprehensive data about the browser's privacy and security features. This function is asynchronous and returns a Promise resolving to ResistanceData. ```typescript async function getResistance(): Promise ``` -------------------------------- ### getOfflineAudioContext() Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Analyzes offline audio context properties to detect hardware capabilities and GPU acceleration characteristics. This provides consistent entropy across sessions. ```APIDOC ## getOfflineAudioContext() ### Description Analyzes offline audio context properties to detect hardware capabilities and GPU acceleration characteristics. Audio fingerprinting provides consistent entropy across sessions. ### Method `async` ### Signature `getOfflineAudioContext(): Promise` ### Parameters None ### Response #### Success Response - **AudioContextData** (`object`) - An object containing audio context properties and detection results. - **dataURI** (`string`) - Audio data represented as a data URI. - **frequencies** (`number[]`) - Frequency bin data. - **values** (`number[]`) - Audio value samples. - **fakeAudio** (`boolean`) - Indicates if the audio rendering appears to be fake. - **oscillatorWaveforms** (`string[]`) - Supported oscillator waveforms. - **analyzerBins** (`number`) - The count of FFT bins for analysis. - **sampleRate** (`number`) - The audio context sample rate (e.g., 44100, 48000). - **audioWorkletSupported** (`boolean`) - Indicates if the AudioWorklet API is supported. - **$hash** (`string`) - SHA-256 hash of the detected audio context data. ### Example Usage ```javascript import getOfflineAudioContext from './audio' const audioContext = await getOfflineAudioContext() if (audioContext) { console.log('Sample Rate:', audioContext.sampleRate) console.log('Audio Worklet Supported:', audioContext.audioWorkletSupported) console.log('Fake Audio Detected:', audioContext.fakeAudio) console.log('Hash:', audioContext.$hash) } ``` ``` -------------------------------- ### Hashing Functions Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/REFERENCE_SUMMARY.md Generate hashes for data using provided utility functions. `hashMini` provides a fast 8-character hash, while `hashify` generates a 64-character SHA-256 hash. ```typescript hashMini(data) // 8-char fast hash hashify(data, algorithm) // 64-char SHA-256 hash ``` -------------------------------- ### Tracking Device Diversity with Analytics Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Collects various device and platform attributes using CreepJS for tracking device diversity and platform distribution. The collected data can be sent to an analytics service. ```javascript const analytics = { browser: window.Fingerprint.navigator?.vendor, os: window.Fingerprint.fonts?.platformVersion, gpu: window.Fingerprint.workerScope?.gpu?.compressedGPU, cores: window.Fingerprint.workerScope?.hardwareConcurrency, memory: window.Fingerprint.workerScope?.deviceMemory, screen: `${window.Fingerprint.screen?.width}x${window.Fingerprint.screen?.height}`, timezone: window.Fingerprint.timezone?.location, protection: window.Fingerprint.resistance?.privacy, } // Send to analytics service fetch('/api/analytics', { method: 'POST', body: JSON.stringify(analytics) }) ``` -------------------------------- ### Implementing Fingerprinting Consent Model Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Implements a privacy-conscious opt-in model for fingerprinting, requesting user consent before proceeding. Fingerprinting is only initiated if consent is granted and stored. ```javascript // Opt-in model if (localStorage.getItem('fingerprinting_consent')) { // Fingerprinting already permitted const fp = window.Fingerprint } else { // Request permission first const consent = confirm('This site uses fingerprinting for security. Accept?') if (consent) { localStorage.setItem('fingerprinting_consent', 'true') // Fingerprinting already running } } ``` -------------------------------- ### getIntl() Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/additional-modules.md Analyzes Intl (Internationalization) API capabilities and returns a promise with IntlData or undefined. ```APIDOC ## getIntl() ### Description Analyzes Intl (Internationalization) API capabilities. ### Method `async function getIntl(): Promise` ### Parameters None ### Response #### Success Response - **IntlData** - An object containing information about the Intl API capabilities. ### IntlData Structure ```typescript interface IntlData { collator: { numeric: boolean caseFirst: string } dateTimeFormat: { dateStyle: boolean timeStyle: boolean } listFormat: boolean numberFormat: { notation: string[] } pluralRules: boolean relativeTimeFormat: boolean locale: string[] lied: boolean $hash: string } ``` ``` -------------------------------- ### Get Offline Audio Context Data Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Retrieves data from an offline audio context, which can be used to analyze audio rendering characteristics and hardware capabilities. This provides consistent entropy across sessions. ```typescript async function getOfflineAudioContext(): Promise ``` -------------------------------- ### Taskbar Entropy Check for Full-Screen Detection Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Determines if the environment is likely full-screen by comparing total screen dimensions with available dimensions. ```javascript const noTaskbar = !(width - availWidth || height - availHeight) if (width > 800 && noTaskbar) { LowerEntropy.SCREEN = true // Likely full-screen VM } ``` -------------------------------- ### Device Pixel Ratio Check for Spoofing Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Validates the consistency of the device pixel ratio using matchMedia, excluding Firefox. ```javascript const dpr = window.devicePixelRatio const hasLiedDPR = !matchMedia(`(resolution: ${dpr}dppx)`).matches if (!IS_WEBKIT && hasLiedDPR) { documentLie('Window.devicePixelRatio', 'lied dpr') } ``` -------------------------------- ### Get Available Speech Synthesis Voices Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/additional-modules.md Retrieves a list of available speech synthesis voices on the user's system. This function requires a delay to ensure voices are loaded asynchronously, as some browsers load them after initialization. ```javascript const synthesis = window.speechSynthesis // Warm up (necessary on some browsers) try { speechSynthesis.getVoices() } catch (err) {} // Get voices after a delay for async loading const voices = await new Promise((resolve) => { const getVoicesAsync = () => { const voices = synthesis.getVoices() if (voices.length > 0) { resolve(voices) } else { setTimeout(getVoicesAsync, 10) } } getVoicesAsync() }) const data = voices.map(voice => ({ name: voice.name, // "Google US English" lang: voice.lang, // "en-US" localService: voice.localService, // Offline vs cloud default: voice.default, // Default voice for lang })) ``` -------------------------------- ### Get Brave Browser Privacy Mode Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/crypto-helpers.md Detects the current privacy protection level in the Brave browser. Use this to adapt your application's behavior based on Brave's strict, standard, or allow modes. ```typescript function getBraveMode(): BraveModeResult ``` -------------------------------- ### File Organization Structure Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/REFERENCE_SUMMARY.md Overview of the directory structure for the CreepJS project, detailing the purpose of each file and directory. ```tree output/ β”œβ”€β”€ README.md # Project overview β”œβ”€β”€ architecture.md # System design β”œβ”€β”€ integration-guide.md # Integration guide β”œβ”€β”€ types.md # Type definitions β”œβ”€β”€ REFERENCE_SUMMARY.md # This file └── api-reference/ β”œβ”€β”€ index.md # Module index β”œβ”€β”€ errors.md # Error handling β”œβ”€β”€ crypto-helpers.md # Hashing & detection β”œβ”€β”€ navigator.md # Browser detection β”œβ”€β”€ canvas.md # Canvas 2D β”œβ”€β”€ webgl.md # GPU fingerprinting β”œβ”€β”€ screen-media.md # Display & codecs β”œβ”€β”€ fonts-audio.md # Fonts & audio β”œβ”€β”€ worker.md # Worker context β”œβ”€β”€ lies-detection.md # Spoofing detection β”œβ”€β”€ headless-resistance.md # Privacy tools └── additional-modules.md # Other tests ``` -------------------------------- ### Parallel Test Execution with Promise.all Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/architecture.md Initiates multiple fingerprinting tests concurrently using Promise.all for performance. This phase includes over 15 different tests. ```javascript const [ workerScopeComputed, voicesComputed, offlineAudioContextComputed, canvasWebglComputed, canvas2dComputed, windowFeaturesComputed, // ... 15+ more tests ] = await Promise.all([ getBestWorkerScope(), getVoices(), getOfflineAudioContext(), getCanvasWebgl(), getCanvas2d(), getWindowFeatures(), // ... concurrent execution ]) ``` -------------------------------- ### Core Functions Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/index.md Provides safe execution, property access, performance measurement, error recording, and hashing utilities. ```APIDOC ## Core Functions ### `attempt(fn, msg)` **Purpose**: Safe function execution. ### `caniuse(fn, chain, args, method)` **Purpose**: Safe property access. ### `timer(msg)` **Purpose**: Performance measurement. ### `captureError(error, msg)` **Purpose**: Error recording. ### `hashify(data, algorithm)` **Purpose**: SHA-256 hashing. ### `hashMini(data)` **Purpose**: Fast hashing. ``` -------------------------------- ### JavaScript Example for Capturing Console Errors Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/additional-modules.md This JavaScript code snippet demonstrates how to intentionally trigger and capture console errors, including RangeError, TypeError, and ReferenceError. The captured details include the error message, stack trace, and stack length, which can vary between JavaScript engines. ```javascript const errors = [] // RangeError try { ''.repeat(-1) } catch (error) { errors.push({ message: error.message, stack: error.stack.split('\n'), stackLength: error.stack.split('\n').length, }) } // TypeError try { const obj = {} obj.nonexistent() } catch (error) { // Capture error details } // Custom ReferenceError try { nonexistentVariable } catch (error) { // Capture error details } ``` -------------------------------- ### Initialize Creep.js with IIFE Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/architecture.md The main entry point of Creep.js uses an Immediately Invoked Function Expression (IIFE) to spawn a worker and determine the execution scope. It exits if running in a worker context. ```javascript // src/creep.ts - IIFE main entry point !async function() { const scope = await spawnWorker() if (scope == Scope.WORKER) { return // Exit if in worker context } // Continue with main thread fingerprinting }() ``` -------------------------------- ### Soft Headless Indicator: No Taskbar Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Determines if the screen dimensions (available vs. total) suggest a full-screen display, which can be an indicator of headless environments lacking a taskbar. ```typescript const noTaskbar = ( screen.height === screen.availHeight && screen.width === screen.availWidth ) ``` -------------------------------- ### GPU Detection using OffscreenCanvas and WebGL Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/worker.md Extracts GPU vendor and renderer information using OffscreenCanvas and WebGL context. ```javascript const canvasOffscreenWebgl = new OffscreenCanvas(256, 256) const contextWebgl = canvasOffscreenWebgl.getContext('webgl') const rendererInfo = contextWebgl.getExtension('WEBGL_debug_renderer_info') const gpu = { webglVendor: contextWebgl.getParameter(rendererInfo.UNMASKED_VENDOR_WEBGL), webglRenderer: contextWebgl.getParameter(rendererInfo.UNMASKED_RENDERER_WEBGL), } ``` -------------------------------- ### Compress WebGL Renderer String Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/webgl.md A helper function to extract a meaningful GPU model name from a verbose renderer string. ```javascript const compressedGPU = compressWebGLRenderer(renderer) // "ANGLE (Intel HD Graphics 630)" β†’ "Intel HD Graphics 630" // "Apple M1" β†’ "Apple M1" // "Mali-T830" β†’ "Mali-T830" ``` -------------------------------- ### getResistance Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/headless-resistance.md Detects privacy and security tools active in the browser, including VPNs, Tor Browser, and privacy-focused browsers like Brave and Firefox with RFP. ```APIDOC ## getResistance ### Description Detects privacy and security tools active in the browser, including VPNs, Tor Browser, and privacy-focused browsers like Brave and Firefox with RFP. ### Method ```typescript async function getResistance(): Promise ``` ### Parameters None ### Request Example ```javascript import getResistance from './resistance' const resistance = await getResistance() console.log(resistance) ``` ### Response #### Success Response (200) * **ResistanceData** - Structure containing resistance detection results. #### Response Example ```json { "browser": { "name": "Firefox", "version": "115.0", "mode": "RFP" }, "vpn": { "active": false, "vendor": null }, "tor": { "active": false }, "fingerprinting": { "canvas": { "spoof": false, "noise": 0.0001 }, "audio": { "spoof": false, "noise": 0.0002 } } } ``` ``` -------------------------------- ### Accessing Individual Fingerprint Hashes Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/integration-guide.md Access and compare individual component hashes (e.g., navigator, canvasWebgl) from the loose fingerprint object. Also shows how to generate a compact mini-hash for quick comparisons. ```javascript const fp = window.Fingerprint // Individual component hashes (SHA-256, 64 hex chars) console.log(fp.navigator.$hash) // Navigator data hash console.log(fp.canvasWebgl.$hash) // WebGL data hash console.log(fp.canvas2d.$hash) // Canvas 2D hash // Compare fingerprints const stored = storedFingerprintHash const current = fp.navigator.$hash if (stored === current) { console.log('Same navigator profile') } else { console.log('Navigator configuration changed') } // Fast mini-hash for quick comparison const miniHash = hashMini(fp) // 8 hex chars ``` -------------------------------- ### User Agent Data Parsing and Brand Compression Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/worker.md Fetches high entropy user agent values and compresses brand information by filtering out 'Not' and 'Chromium'. ```javascript const data = await navigator.userAgentData.getHighEntropyValues([ 'platform', 'platformVersion', 'architecture', 'bitness', 'model', 'uaFullVersion' ]) // Compress brands by removing "Not" and "Chromium" data.brands = brands .filter(obj => !/Not/.test(obj.brand)) .map(obj => obj.brand) .filter(brand => !/Chromium/.test(brand)) ``` -------------------------------- ### Capture Offline Audio Context Data Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Creates an OfflineAudioContext to capture audio data, including frequencies and sample rate, without producing audible output. Useful for generating audio fingerprints. ```javascript async function getOfflineAudioContext() { // Create offline context - doesn't produce audible output const context = new OfflineAudioContext(1, 44100, 44100) // Create oscillator for test tone const oscillator = context.createOscillator() oscillator.type = 'triangle' oscillator.frequency.value = 10000 // Create analyser const analyser = context.createAnalyser() analyser.fftSize = 4096 // Connect nodes: oscillator -> analyser oscillator.connect(analyser) analyser.connect(context.destination) // Start oscillator oscillator.start(0) oscillator.stop(1) // Render audio const renderedBuffer = await context.startRendering() // Extract frequency data const frequencyData = new Uint8Array(analyser.frequencyBinCount) analyser.getByteFrequencyData(frequencyData) return { frequencies: Array.from(frequencyData), sampleRate: context.sampleRate, } } ``` -------------------------------- ### getFonts() Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/fonts-audio.md Fingerprints available fonts by measuring text rendering dimensions. This method can help identify the operating system and its version. ```APIDOC ## getFonts() ### Description Fingerprints available fonts by measuring text rendering dimensions. Different operating systems and installations have distinct font sets, making this a high-entropy fingerprinting vector. ### Method `async` ### Signature `getFonts(): Promise` ### Parameters None ### Response #### Success Response - **FontsData** (`object`) - An object containing detected fonts and platform information. - **fontFaceLoadFonts** (`string[]`) - Successfully loaded fonts. - **platformVersion** (`string`) - Detected platform version (e.g., "Windows 10", "macOS 12.1"). - **fontFaceLoadMonoFonts** (`string[]`) - Monospace fonts detected. - **fontFaceLoadSystemFonts** (`string[]`) - System fonts detected. - **emojiUnicodeVersion** (`string`) - Unicode version for emoji support (e.g., "13.1", "14.0"). - **lied** (`boolean`) - Indicates if font availability was spoofed. - **$hash** (`string`) - SHA-256 hash of the detected font data. ### Example Usage ```javascript import getFonts from './fonts' const fonts = await getFonts() if (fonts) { console.log('Detected Fonts:', fonts.fontFaceLoadFonts.length) console.log('Platform Version:', fonts.platformVersion) console.log('Spoofed:', fonts.lied) console.log('Hash:', fonts.$hash) } ``` ``` -------------------------------- ### Enumerate Navigator MIME Types Source: https://github.com/abrahamjuliot/creepjs/blob/master/_autodocs/api-reference/screen-media.md Iterates through `navigator.mimeTypes` to collect details about supported MIME types and their associated plugins. ```javascript const mimeTypes = [] for (let i = 0; i < navigator.mimeTypes.length; i++) { const mt = navigator.mimeTypes[i] mimeTypes.push({ type: mt.type, description: mt.description, suffixes: mt.suffixes, enabledPlugin: mt.enabledPlugin?.name, }) } ```