Bot.sannysoft.com is a popular, free online testing tool used by developers and security researchers to check for "browser leaks" that reveal whether a web browser is being controlled by automated software (a bot) rather than a human user. 🔍 Purpose & Function
The site acts as a benchmark for evasion techniques. When you visit the page, it runs a suite of JavaScript tests to see if your browser reveals typical signs of automation, such as:
Webdriver Presence: Checking if navigator.webdriver is set to true.
Headless Flags: Detecting if the browser is running in "headless" mode (without a visual interface).
Chrome-Specific Variables: Looking for internal variables like $cdc_ or specific Chrome runtime properties.
Hardware Inconsistencies: Verifying if reported screen resolution, color depth, or CPU cores match what a real device would typically show. 🛠️ Common Use Cases
Reinventing the wheel while learning about bot detection - GitHub
bot.sannysoft.com is a popular, open-source diagnostic page used to test how "stealthy" a web browser or automated bot is. It runs various tests to check if a visitor looks like a real human using a browser or a script (like Puppeteer or Selenium) that might be trying to hide its identity. Core Tests and What They Mean
The page evaluates your browser's fingerprint through several key checks:
User-Agent: Checks if the reported browser and operating system match typical human setups. Fake User-Agents, like a mobile agent on a desktop browser, are often flagged.
WebDriver Check: This is a major "bot-killer." Standard automation tools often leave a navigator.webdriver flag set to true. Sannysoft checks for this to see if the browser is being controlled by a script.
Chrome vs. Headless Chrome: It detects differences in how "headless" (windowless) browsers behave compared to full versions, such as missing plugins or specific WebGL renderer names (e.g., "SwiftShader" often signals a virtual/bot environment).
Permissions & Plugins: It verifies if features like the Permissions API or the list of Plugins behave normally. Bots often fail these because they don't simulate the background data of a real installation. Why People Use It
Bot Developers: Developers use it to verify that their "stealth" plugins, such as puppeteer-extra-plugin-stealth, are working correctly to bypass bot detection on sites like Google or Amazon.
Anti-Detect Browsers: Companies like Kameleo use Sannysoft as a benchmark to prove their software can successfully "mask" a user's identity.
Security Testing: Researchers use it to understand the latest techniques websites use to block automated scrapers or suspicious traffic. How to Improve Results bot.sannysoft
If you are failing checks on Sannysoft, common solutions include:
Stealth Plugins: Using specialized libraries like puppeteer-extra-plugin-stealth to automatically patch known "bot" leaks.
Residential Proxies: Rotating through high-quality residential or mobile proxies to avoid being flagged by your IP address.
Anti-Detect Browsers: Using tools like AdsPower or GoLogin, which are designed specifically to pass fingerprinting tests by creating unique, isolated browser profiles.
Are you trying to fix a specific failing test on the site, or
Understanding Bot.Sannysoft: The Benchmark for Stealth Browser Automation
In the world of web scraping and browser automation, Bot.Sannysoft serves as a critical diagnostic tool. Developers use it to determine if their automated scripts—built with tools like Selenium, Puppeteer, or Playwright—are being flagged as bots by a website's security layers.
This article explores how Bot.Sannysoft works, what it tests for, and why it is the "gold standard" for testing browser stealth. What is Bot.Sannysoft?
Bot.Sannysoft is a specialized test page designed to expose the "leaks" that reveal a browser is being controlled by software rather than a human. Unlike basic sites that only check your IP address, Sannysoft analyzes deep browser properties (fingerprinting) and JavaScript execution environments to see if they deviate from standard, manual browsing behavior. Key Detection Tests on Sannysoft
When you visit the site, it runs a battery of tests. A "Failed" result (usually in red) indicates that a bot detection system like Cloudflare or DataDome could easily block your script.
User-Agent (UA) Consistency: It checks if your declared User-Agent matches the actual capabilities of your browser. For example, if you claim to be on a Mac but your fonts or rendering engine say otherwise, you will fail.
WebDriver Flag: By default, automated browsers set navigator.webdriver to true. Sannysoft checks this property immediately; if it isn't "missing" or "false," you are instantly identified as a bot.
Chrome PDF Viewer & Plugins: Headless browsers often lack standard plugins like the PDF viewer. Sannysoft checks the navigator.plugins array to see if it looks like a real installation.
WebGL & Canvas Fingerprinting: The site analyzes how your browser renders graphics. Bots often use software-based rendering (like SwiftShader), which looks very different from the hardware-accelerated rendering used by human devices.
Language & Permissions: It verifies if your navigator.languages and notification permissions match a typical user profile. Why Developers Use It Objective: The objective of this study is to
Bot.sannysoft is a specialized web tool designed to test the effectiveness of browser fingerprinting bot detection
mechanisms. It is primarily used by web scrapers and automation developers to determine if their scripts (using tools like Playwright ) can successfully pass as human-operated browsers. Key Features and Functionality When you visit bot.sannysoft.com
, the site runs a battery of tests to find inconsistencies that typically reveal automated software: bot.sannysoft.com WebDriver Detection : Checks for the navigator.webdriver
property, which is often set to "true" in automated environments. Hardware Consistency : Evaluates device-specific details like deviceMemory
, CPU architecture, and hardware concurrency to see if they match expected real-world values. Chrome Features
: Tests for the presence of standard Chrome objects and APIs (like window.chrome
) that are sometimes absent or modified in "headless" browser modes. Permissions and Plugins
: Verified browser permissions (e.g., notification settings) and lists of installed plugins/MIME types to detect "factory-default" automated profiles. WebGL Fingerprinting
: Analyzes graphics rendering info, such as the WebGL vendor and renderer strings, to spot generic or virtualized environments. bot.sannysoft.com Why It Is Used
Google)", "ANGLE (Google, Vulkan 1.3.0 (SwiftShader Device (Subzero) (0x0000C0DE)), SwiftShader driver)" ], "multimediaDevices": { bot.sannysoft.com
avoid bot detection · Issue #500 · chrome-php/chrome - GitHub
Bot.sannysoft is a widely used online tool designed to test the "stealthiness" of web automation tools like Selenium, Puppeteer, and Playwright. It works by running several tests in your browser to detect common automation signatures, such as the navigator.webdriver flag or inconsistent WebGL vendor information. Using Bot.sannysoft to Test Your Bot
You can use the site to evaluate whether your automated script will be blocked by modern anti-bot technologies.
Run Your Script: Point your automation tool to https://bot.sannysoft.com/. Inspect the Results: The page will display a list of tests.
Green/Passed: Your browser instance looks like a real human user. Akamai) Server-side bot detection (e.g.
Red/Failed: Your instance is leaking automation artifacts (like WebDriver: True), which will likely lead to blocks or CAPTCHAs on protected sites.
Take a Screenshot: Since these tools often run in "headless" mode (no visible window), developers typically program the bot to take a screenshot of the results page for manual review. How to Pass the Sannysoft Tests
If your bot is failing, you can implement several "stealth" strategies:
Use Stealth Plugins: Tools like puppeteer-extra-plugin-stealth or selenium-stealth are specifically designed to patch the browser properties that Sannysoft checks.
Enable Stealth Modes: Some newer automation platforms, such as AgentQL, offer built-in "Stealth Modes" that automatically mask these automation indicators.
Modify User-Agents: Regularly rotate your User-Agent strings to mimic different real-world browsers and operating systems.
Mimic Human Behavior: Add random delays and realistic mouse movements to avoid triggering behavioral detection patterns.
Are you currently working with Selenium, Puppeteer, or another specific framework for your automation? How to Bypass CAPTCHAs with Playwright - Bright Data
Here’s a useful guide to understanding and using Bot.sannysoft — a tool often associated with browser automation, testing, and bot development (especially in contexts like Puppeteer, Playwright, or Selenium).
The objective of this study is to comprehensively analyze the "bot.sannysoft," focusing on its functionalities, use cases, technical infrastructure, and the socio-economic impacts it may have.
const puppeteer = require('puppeteer-extra'); const StealthPlugin = require('puppeteer-extra-plugin-stealth'); puppeteer.use(StealthPlugin());
(async () => const browser = await puppeteer.launch( headless: false ); const page = await browser.newPage(); await page.goto('https://bot.sannysoft.com'); await page.screenshot( path: 'test.png', fullPage: true ); await browser.close(); )();
When you run Selenium inside a Docker container (e.g., selenium/standalone-chrome-debug), there is no GUI. Running a simple driver.get("https://google.com") might pass, but that doesn't test rendering. bot.sannysoft explicitly tells you if the headless browser is rendering fonts and canvases correctly.
chrome_options.add_experimental_option("excludeSwitches", ["enable-automation"]) chrome_options.add_experimental_option('useAutomationExtension', False)
driver = webdriver.Chrome(options=chrome_options)
One of the most powerful applications of bot.sannysoft is as a canary test in your CI/CD pipeline (e.g., GitHub Actions, GitLab CI, Jenkins).
pip install webdriver-manager)