BotD

BotD is an open source library that we created to make it easy for every developer to detect basic bots in their web apps.

It is available under a permissive MIT license and will always be free for developers and commercial use.

🚧 Maintenance Status

We keep the open-source BotD package healthy with timely critical fixes and regressions addressed as fast as possible. That said, the near-term roadmap is stability-only, so new features are unlikely to land soon. Please plan accordingly if you depend on upcoming enhancements.

For more demanding applications we created a professional API-based bot detection software that is called Fingerprint Pro Bot Detection.

⚡ View Our Demo

Quick start

CDN

<script>
    // Initialize an agent at application startup, once per page/app.
    const botdPromise = import('https://openfpcdn.io/botd/v2').then((Botd) => Botd.load())
    // Get detection results when you need them.
    botdPromise
        .then((botd) => botd.detect())
        .then((result) => console.log(result))
        .catch((error) => console.error(error))
</script>

Run this code

NPM

npm i @fingerprintjs/botd
# or
yarn add @fingerprintjs/botd

import { load } from '@fingerprintjs/botd'

// Initialize an agent at application startup, once per page/app.
const botdPromise = load()
// Get detection results when you need them.
botdPromise
    .then((botd) => botd.detect())
    .then((result) => console.log(result))
    .catch((error) => console.error(error))

Run this code

📕 Full documentation

🤖 Upgrade to Fingerprint Bot Detection to detect sophisticated bots with confidence.

Fingerprint Bot Detection API is a professional bot detection API service that processes all information server-side and transmits it securely to your servers.

Fingerprint Bot Detection API provides both browser and server-side APIs that make the process of bot detection fast and secure. When using the Bot Detection, use the browser JavaScript SDK to detect browser automation tools and server-side Automation Intelligence API to detect more bot bot types, such as AI agents, AI assistants, and AI/LLM crawlers.

The commercial product combines vast amounts of auxiliary data that bots expose (network properties, browser overrides) to be able to reliably deduplicate real users from automated software, resulting in the detection of popular AI tools, browser automation tools, their derivatives and plugins.

A big advantage of the paid product is that it's able to distinguish good bots from bad ones that allow you to block malicious traffic without blocking search engine crawlers, monitoring workers, etc.

Full product comparison:

	Open Source Library	Bot Detection API
Core Features
100% open source	yes	no
AI Agent Detection OpenAI, Manus, AWS AgentCore	–	✓
AI Assistant Detection ChatGPT, Anthropic, Google Gemini	–	✓
Web Bot Auth support Detect verified, signed, and spoofed identities	–	✓
Search Engine detection Google, Bing, DuckDuckGo	–	✓
Anti Detect Browser detection AdsPower, Dolphin Anty, Kameleo	–	✓
Browser Automation Tools detection	partial	full
Detectable automation tools & frameworks
Headless Browsers (Chrome, Firefox)	✓	✓
seleniumHQ/selenium umbrella project encapsulating a variety of tools and libraries enabling web browser automation	✓	✓
microsoft/playwright Node.js library to automate Chromium, Firefox and WebKit with a single API	✓	✓
ariya/phantomjs headless WebKit scriptable with JavaScript	✓	✓
segmentio/nightmare high-level browser automation library	✓	✓
electron/electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS	✓	✓
laurentj/slimerjs scriptable browser	✓	✓
Detectable stealth plugins
berstend/puppeteer-extra/packages/puppeteer-extra-plugin-stealth plugin for puppeteer-extra to prevent detection.	-	✓
microlinkhq/browserless efficient driver for controlling headless browsers built on top of puppeteer developed for scenarios where performance matters	-	✓
ultrafunkamsterdam/undetected-chromedriver optimized Selenium Chromedriver patch which does not trigger anti-bot services	-	✓
MeiK2333/pyppeteer_stealth stealth plugin for pyppeteer	-	✓
Additional Features
Requires JavaScript Requires a JavaScript library to detect bots	yes	no
Server-side accuracy increase based on additional server-side data, such as TLS crypto support, ipv4/v6 data and others	–	✓
Query API build flexible workflows	–	✓
Operations
Data security	Your infrastructure	Encrypted at rest
Storage	Your infrastructure	Unlimited up to 1 yr
Regions	Your infrastructure	Hosting in US, EU and Mumbai
Compliance	Your infrastructure	GDPR, CCPA compliant1
SLA	No SLA	99.9% Uptime
Support	GitHub community	Support team via email, chat, and call-back within 1 business day

_{1. Fingerprint Pro is GDPR and CCPA compliant as the data processor. You still need to be compliant as the data controller and use the bot detection for fraud prevention under legitimate interest or ask for user consent.}

Bot detection API result example:

{
  "bot": "bad",
  "bot_type": "headless_chrome",
  "bot_info": {
    "category": "browser_automation",
    "provider": "chromium/chromium",
    "name": "ChromeHeadless",
    "identity": "unknown",
    "confidence": "medium"
  }
}

🍿 Live demo

📕 Fingerprint Bot Detection API Docs

Contributing

See the Contribution guidelines to learn how to contribute to the project or run the project locally. Please read it carefully before making a pull request.

Other open-source products by Fingerprint on GitHub!

• FingerprintJS -- browser fingerprinting library that queries browser attributes and computes a hashed visitor identifier from them
• Fingerprint Android -- Android identification and fingerprinting in native apps
• Fingerprint iOS -- iOS identification and fingerprinting in native apps

License

MIT

© 2026 FingerprintJS, Inc