From 7040840033b5e7bbc80dfb9973da08fb1b597e1b Mon Sep 17 00:00:00 2001 From: Thorin-Oakenpants Date: Sun, 30 Jan 2022 04:00:41 +0000 Subject: [PATCH] Updated Appendix A Test Sites (markdown) --- Appendix-A-Test-Sites.md | 24 +++++++++++++----------- 1 file changed, 13 insertions(+), 11 deletions(-) diff --git a/Appendix-A-Test-Sites.md b/Appendix-A-Test-Sites.md index 4f89219..f6160e1 100644 --- a/Appendix-A-Test-Sites.md +++ b/Appendix-A-Test-Sites.md @@ -1,9 +1,9 @@ Here is a list of various websites in which to test your browser. You should enable Javascript (JS) on these sites for the tests to present a worst-case scenario. In reality, you can control JS and XSS (cross site scripting) on sites with extensions such as uBlock Origin to reduce the possibility of fingerprinting attacks -### :small_orange_diamond: Browser Comparison [Defaults] +🟪 Browser Comparison [Defaults] - [PrivacyTests.org](https://privacytests.org/) - **h**ttps://privacytests.org/ [github](https://github.com/arthuredelstein/privacytests.org) -### :small_orange_diamond: Fingerprinting +🟪 Fingerprinting These are good sources to grab information on your results in one hit, but [do not read too much into their entropy figures](https://github.com/arkenfox/user.js/wiki/4.1-Extensions#small_orange_diamond-%EF%B8%8F-anti-fingerprinting-extensions-fk-no) as the data is tainted, and don't assume you are a fingerprint expert, see [Testing your fingerprint](https://matt.traudt.xyz/p/SkxEFK1m.html#testing-your-fingerprint) @@ -17,7 +17,14 @@ These are good sources to grab information on your results in one hit, but [do n - [FingerprintJS](https://fingerprintjs.github.io/fingerprintjs/) Basic Version - **h**ttps://fingerprintjs.github.io/fingerprintjs/ - [Vytal](https://vytal.io/) - **h**ttps://vytal.io/ -### :small_orange_diamond: Multiple Tests [single page] + +🟪 Multiple Tests [multi-page] +- [BrowserLeaks](https://www.browserleaks.com/) - **h**ttps://www.browserleaks.com/ +- [CanvasBlocker Test Pages](https://canvasblocker.kkapsner.de/test/) - **h**ttps://canvasblocker.kkapsner.de/test/ +- [Privacycheck](https://privacycheck.sec.lrz.de/index.html) - **h**ttps://privacycheck.sec.lrz.de/index.html + * [ETag](https://privacycheck.sec.lrz.de/passive/fp_etag/fp_etag.php) - **h**ttps://privacycheck.sec.lrz.de/passive/fp_etag/fp_etag.php + +🟪 Multiple Tests [single page] - [Do I Leak?](https://www.doileak.com/) - **h**ttps://www.doileak.com/ - [HTML5 Test](https://html5test.com/) - **h**ttps://html5test.com/ - [IP/DNS Leak](https://ipleak.net/) - **h**ttps://ipleak.net/ @@ -26,26 +33,21 @@ These are good sources to grab information on your results in one hit, but [do n * [GitHub](https://github.com/chromium/permission.site) - **h**ttps://github.com/chromium/permission.site - [Whoer](https://whoer.net/) - **h**ttps://whoer.net/ -### :small_orange_diamond: Multiple Tests [multi-page] -- [BrowserLeaks](https://www.browserleaks.com/) - **h**ttps://www.browserleaks.com/ -- [CanvasBlocker Test Pages](https://canvasblocker.kkapsner.de/test/) - **h**ttps://canvasblocker.kkapsner.de/test/ -- [Privacycheck](https://privacycheck.sec.lrz.de/index.html) - **h**ttps://privacycheck.sec.lrz.de/index.html - * [ETag](https://privacycheck.sec.lrz.de/passive/fp_etag/fp_etag.php) - **h**ttps://privacycheck.sec.lrz.de/passive/fp_etag/fp_etag.php -### :small_orange_diamond: Encryption / Ciphers / SSL/TLS / Certificates +🟪 Encryption / Ciphers / SSL/TLS / Certificates - [JA3](https://ja3er.com/) - **h**ttps://ja3er.com/ - [BadSSL](https://badssl.com/) - **h**ttps://badssl.com/ - [Qualys SSL Labs](https://www.ssllabs.com/ssltest/viewMyClient.html) - **h**ttps://www.ssllabs.com/ssltest/viewMyClient.html - [Fortify](https://www.fortify.net/sslcheck.html) - **h**ttps://www.fortify.net/sslcheck.html - [How's My SSL](https://www.howsmyssl.com/) - **h**ttps://www.howsmyssl.com/ -### :small_orange_diamond: Mozilla's Safe Browsing, Tracking Protection [github](https://github.com/mozilla/itisatrap) +🟪 Mozilla's Safe Browsing, Tracking Protection [github](https://github.com/mozilla/itisatrap) - [Attack](https://itisatrap.org/firefox/its-an-attack.html) - **h**ttps://itisatrap.org/firefox/its-an-attack.html - [Blocked](https://itisatrap.org/firefox/blocked.html) - **h**ttps://itisatrap.org/firefox/blocked.html - [Malware](https://itisatrap.org/firefox/unwanted.html) - **h**ttps://itisatrap.org/firefox/unwanted.html - [Phishing](https://itisatrap.org/firefox/its-a-trap.html) - **h**ttps://itisatrap.org/firefox/its-a-trap.html - [Tracking](https://itisatrap.org/firefox/its-a-tracker.html) - **h**ttps://itisatrap.org/firefox/its-a-tracker.html -### :small_orange_diamond: Other +🟪 Other - [AudioContext](https://audiofingerprint.openwpm.com/) - **h**ttps://audiofingerprint.openwpm.com/ - [Cache Fingerprinting](https://cookieless-user-tracking.herokuapp.com/) - **h**ttps://cookieless-user-tracking.herokuapp.com/ * It does this by assigning a unique variable in a cached script (see [#436](https://github.com/arkenfox/user.js/issues/436#issuecomment-392069853))