> it's well known that malicious sites behave differently on certain conditions, one is having the developer tools opened
I had always wondered if they do, and I've known it's possible, but this is the first time I've heard any accounts of it. Would you have more info on this?
As someone who has worked on scraping sites that really didn't want to be scraped, there is all kinds of interference with dev tools in the wild.
There are many ways to detect it's open (eg. https://github.com/sindresorhus/devtools-detect) and it's also possible to mess with it without knowing it's open. A method that's wildly used is firing the debugger break command many times a second, along with other stuff that makes using the tools nearly impossible (slows the browser down to a halt)
That script doesn't seem to be able to detect the chrome devtools when they're undocked, so that seems pretty easy to circumvent (who has them docked anyway?). The debugger break thing should be solvable with https://developers.google.com/web/tools/chrome-devtools/java...
I had always wondered if they do, and I've known it's possible, but this is the first time I've heard any accounts of it. Would you have more info on this?