Web Browser Security — BrowserLeaks.com

Since the ancient times it is considered that the IP Address and the HTTP Cookies is the only reliable digital fingerprints which affects the online privacy and web browser identity. After a while, the privacy invaders began to looking for the ways to increase the user-tracking reliability to identify users from the general flow, they started to collect more and more additional user sensitive information.

Today the situation is more disappointing. Modern web browsers has not been architected to assure personal web privacy. Developers of major anonymity networks like Tor have no choice to edit the source code of a web browsers to somehow smooth over the situation, but this is sometimes not enough.

BrowserLeaks.com — It's all about Web Browser Fingerprinting. Here you will find the gallery of web browser security testing tools, that tell you what exactly personal identity data may be leaked without any permissions when you surf the Internet.

IP Address

Main tool that illustrates server-side abilities to expose the user identity. It contains a basic features, such as Showing Your IP Address and HTTP Request Headers. As well as Proxy Detection in all possible XFF headers. GeoIP Data Acquisition about the general IP Address and all of a Proxy IP's (Country, State, City, ISP/ASN, Local Time, Latitude/Longitude), and put all IP places to the Map. In addition, here is a special features — Passive TCP/IP stack OS Fingerprinting, DNS and WebRTC Leak Tests.


A lot of user data can be obtained using common JavaScript functionality. DOM Window Object disclose much of sensitive information about the web browser: User-Agent, Architecture, OS Language, System Time, Screen Resolution. There is a listing of the NPAPI Plug-ins and Windows Explorer Components. Also there is already implemented: detection and obtaining data through a brand new HTML5 API's, such as the Battery Status API and Navigation Timing API.

Flash Player

Describes the Flash Player Runtime properties that can be provided through the use of AS3 System Capabilities: Flash Version, Plugin Type, Operating System, Manufacturer, System Language, Web Browser Architecture, Screen Resolution, and many other properties that describe the hardware and multimedia capabilities of the system.


Getting system information using Silverlight Plug-In, installed in your web browser. Shows your system environment details such as: OS Version, Processor Count, System Uptime, Time Zone, Installed Fonts, System and User Culture, Region and Language OS settings, as well as part of evercookie to test Silverlight Isolated Storag Cookies.


WebGL Browser Report checks WebGL support in your browser, produce WebGL Fingerprinting, shows other WebGL and GPU capabilities more or less related web browser identity. Also this page contains the How-To enable or disable WebGL in a modern web browsers.

Java Applet

What kind of permissions usual unsigned Java Applet has? It can be the extended Java Machine description, OS Detection: Name, Version, Arch, User Locale, and some file system related information. CPU Cores count, amount of Dedicated Memory, JVM instance Uptime, Network Interfaces Enumeration.

Canvas Fingerprinting

Browser Fingerprinting without any of user agent identifiers, only through HTML5 Canvas element. The method is based on the fact that the same canvas-code can produce different pixels on a different web browsers, depending on the system on which it was executed.

Content Filters

The set of demos that try to determine Content Filters usage, is the type of applications that operate between the browser and the web page, and are designed to manipulate the connection and content of a visited web pages. Among them are Tor Browser, Privoxy, Adblock Detectors.

Geolocation API

Tool for testing HTML5 Geolocation API. Checking the browser's permissions to geolocation. Based on the latitude longitude and accuracy received from the browser, shows the possible radius of your location on the interactive map.

Features Detection

Web Browser's Features Detection via Modernizr — library that detects HTML5 features. It once again shows how powerfully modern JavaScript affects to web browser's identity. This tool is also used by web developers as "Modernizr Helper", quick testing web browsers compatibility with HTML5 features.

More Tools

Here is a list of new experemental, as well as controversial/possibly broken/deprecated tools:

Privacy Policy

No information is collected, only usual httpd access log. All cookies is browser-based, and there is no sessions. But some third-party embedded stuff: Disqus, Analytics, Maps. You can disable all of this via Privacy Settings.