Vercel recently announced BotID, an anti-bot meant to protect against bots without requiring manual intervention. This post reverse-engineers the script and takes a peek inside.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

A detailed reverse engineering analysis of Vercel's BotID anti-bot protection system. The post demonstrates how to deobfuscate the JavaScript protection script using Babel AST transformations, reveals the browser fingerprinting techniques used (WebGL detection, CDP detection, user agent analysis), and shows how the Basic mode can be bypassed with simple patches. The analysis also covers the Deep Analysis mode powered by Kasada's more sophisticated virtual machine-based protection.

Reverse Engineering Vercel's BotID