← back to gallery

CAPTCHA Audit

Privacy scanner for website bot-verification systems with provider grading

dev-toolsprivacycaptchasecurityauditgrapheneos
Open product ↗

CAPTCHA Audit

Privacy audit tool for website bot-verification systems. Paste any URL, get an instant report on what CAPTCHA provider it uses, a privacy grade (A-F) based on data collection practices, and privacy-friendlier alternatives.

What It Does

API Endpoints

| Method | Path | Description |
|--------|------|-------------|
| GET | /captcha-audit/health | Health check, returns { ok: true } |
| POST | /captcha-audit/api/audit | Submit URL for audit. Body: { "url": "https://..." } |
| GET | /captcha-audit/api/audit/:pid | Retrieve audit by shareable ID |
| GET | /captcha-audit/api/recent | Last 50 audits. Query: ?limit=N |
| GET | /captcha-audit/api/providers | Full CAPTCHA provider catalog with privacy profiles |
| GET | /captcha-audit/api/stats | Aggregate stats: total audits, grade distribution, top providers |
| GET | /captcha-audit/api/hn | Latest CAPTCHA-related HN stories |

Data Sources

| Source | URL | Refresh Interval |
|--------|-----|-----------------|
| Target URL HTML | Server-side fetch() of user-submitted URLs | On-demand per request |
| CAPTCHA provider patterns | Curated from Wappalyzer OSS rules (static, baked into lib/providers.js) | N/A |
| HN Algolia API | https://hn.algolia.com/api/v1/search?tags=story&query=captcha&hitsPerPage=20 | Every 60 minutes via node-cron |

Run Locally

npm install
PORT=4752 node server.js
# Open http://localhost:4752/captcha-audit/

Stack