I've been researching the bot & proxies space for years. I slowly incubated a service to protect public forms, contents and APIs. It recenty reached a few million daily requests and I now dare to bring it to light.

Truesign detects bots, proxies/vpns and fake emails, through a single request from the browser, without challenges or user interaction. It can block the request based on rules you choose, or grant a token with encrypted information about the visitor for you to decide.

I created a few pages to showcase how it works:

- https:/demo.truesign.ai/protected-form : a form you can't post if you're a bot, a human behind a vpn, or input a fake/disposable email

- https:/demo.truesign.ai/protected-content : a page you can't access if you're a bot or a human behind a vpn

- https:/demo.truesign.ai/protected-content-no-js : like above but there's no Javascript analysis of the browser, it only catches trivial bots like a python script or curl. For those that need to serve their content to javascript-less cients.

I'd love if you hackers could attempt to troll the above using bots or VPNs. I'll share the results in 24h.

Some interesting points about Truesign:

- your contents are protected by simple HTTP redirections, no need to place your whole infra behind a MITM (== Cloudflare)

- attack detection: allow bots and anonymizers until their traffic exceeds a suspicious threshold

- granular rules (i.e. block bots, flag fake emails) that can be switched in real time

- admin dashboard to inspect and analyze your traffic

There's a free plan to play around. Also I offer discounts to free/public services.

Super interested in your feedback!