🛡️ Client-Trace Security Suite

Interactive Demo & Testing Platform

🔐 Integrity Verification

Bundle Integrity Check

Verify the integrity of a JavaScript bundle using SHA-256 hashing.

Session Integrity Token

Generate a signed session token binding user identity to device context.

🌐 Network Analysis

Monkey-Patch Detection

Detect if native fetch or XHR APIs have been tampered with.

Proxy Detection

Check for proxy signatures in HTTP headers.

Timing Anomalies

Measure network timing to detect potential MITM attacks.

🔍 Fingerprinting & Behavior

Device Fingerprint

Generate a privacy-safe device identifier.

Bot Detection

Analyze user behavior (mouse entropy, click speed) to identify automated bots.

How to trigger "Bot Detected":

  • 🤖 Option A (Scripted): Click "Simulate Bot Movement" to programmatically inject perfect straight-line mouse events.
  • Option B (Manual): Try clicking this box extremely fast (>10 times/sec).

🔒 Security Monitoring

Script Injection Detection

Monitor for unauthorized script tags and suspicious globals.

CSP Violation Listener

Listen for Content Security Policy violations.

Storage Tampering Detection

Detect unauthorized changes to localStorage.

🚀 Transport Security

Payload Signing

Sign data with HMAC-SHA256 for authenticity.

Encrypted Transport

Encrypt telemetry using AES-GCM.

Nonce-Based Replay Protection

Generate and rotate nonces to prevent replay attacks.

📊 Full Security Report

Collect Aggregated Security Report

Run all security checks and generate a comprehensive report.