Need help with evercookie?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

samyk
4.0K Stars 660 Forks 170 Commits 53 Opened issues

Description

Produces persistent, respawning "super" cookies in a browser, abusing over a dozen techniques. Its goal is to identify users after they've removed standard cookies and other privacy data such as Flash cookies (LSOs), HTML5 storage, SilverLight storage, and others.

Services available

!
?

Need anything else?

Contributors list

# 16,155
Perl
C
Raspber...
Arduino
16 commits
# 33,873
unix
coffees...
node-js
XML
16 commits
# 101,854
C#
PHP
11 commits
# 123,303
PHP
depende...
databas...
Docker
6 commits
# 56,772
Dart
gitlab
GraphQL
gatsbyj...
4 commits
# 11,024
React
Webpack
prerend...
Vue.js
4 commits
# 40,155
css-fra...
Express
Clojure
Amazon ...
3 commits
# 203,974
tinder
python-...
PHP
2 commits
# 208,471
PHP
Symfony
Shell
schema-...
2 commits
# 151,945
faceboo...
PHP
social-...
social-...
2 commits
# 65,999
React
theming
Redux
Shell
2 commits
# 222,604
ssh-key
bastion...
C#
PHP
1 commit
# 14,417
Koa
yml
opentyp...
opam
1 commit
# 199,666
mtproto
teletho...
Shell
Telegra...
1 commit
# 266,948
C#
PHP
1 commit
# 52,698
Ember
Babel
webasse...
google-...
1 commit
# 24,286
Java
bukkit
craftbu...
ooxml
1 commit
# 266,949
C#
PHP
1 commit
# 88,793
PHP
rabbitm...
yii2
beansta...
1 commit
# 180,203
PHP
React
popup-w...
sticky
1 commit

Evercookie

Evercookie is a Javascript API that produces extremely persistent cookies in a browser. Its goal is to identify a client even after they've removed standard cookies, Flash cookies (Local Shared Objects or LSOs), and others.

This is accomplished by storing the cookie data on as many browser storage mechanisms as possible. If cookie data is removed from any of the storage mechanisms, evercookie aggressively re-creates it in each mechanism as long as one is still intact.

If the Flash LSO, Silverlight or Java mechanism is available, Evercookie can even propagate cookies between different browsers on the same client machine!

By Samy Kamkar, with awesome contributions from others

Browser Storage Mechanisms

Client browsers must support as many of the following storage mechanisms as possible in order for Evercookie to be effective.

To be implemented someday (perhaps by you?):

The Java persistence mechanisms are developed and maintained by Gabriel Bauman over here.

Backend Server

Some of the storage mechanisms require a backend server. This package comes with PHP implementation of the etag, cache and png backend servers. - For Node.js version, please visit node-evercookie. - For Django version, please visit Django Evercookie

Caveats

Be warned! Evercookie can potentially cause problems for you or your users.

  • Some storage mechanisms involve loading Silverlight or Flash in the client browser. On some machines this can be a very slow process with lots of disk thrashing. On older mobile devices this can render your site unusable.

  • CSS History Knocking can cause a large number of HTTP requests when a cookie is first being set.

  • In some circles, it is considered rude to use Evercookie. Consider your reputation and your audience when using Evercookie in production.

  • Browser vendors are doing their best to plug many of the holes exploited by Evercookie. This is a good thing for the Internet, but it means what works today may not work so well tomorrow.

You are responsible for your own decision to use Evercookie. Choose wisely.

Got an idea?

Open a pull request!

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.