- Edited
Adblocking is not a privacy or security feature. It is merely for convenience. Badness enumeration generally does not work.
Depending on the implementation, having an adblocker may increase attack surface. See this for an example:
https://portswigger.net/research/ublock-i-exfiltrate-exploiting-ad-blockers-with-css
As for fingerprinting resistance, if your threat model calls for it, the Tor Browser is your only option. Brave's resistance is only enough to fool naive scripts - more sophisticated ones like https://fingerprint.com/ can fingerprint it as usual. It's resistance is only nice-to-have, not something you can seriously rely on if this is the threat model.
Like @GrapheneOS said, what you are doing is the exact opposite of what you should be doing if fingerprinting is a concern. A crucial part of this is not using such a niche setup that you are the only one using it. Take for example, the Tor browser has 3 different privacy mode which changes NoScript configurations. You cannot use the safest mode, but you don't wanna do all the way down to the safer or standard mode. You go ahead and make your own NoScript configuration. Does that make you stick out from the rest of Tor Browser users? Yes it does.
As for what threat model a browser without fingerprinting resistance or adblocking would acceptable for - a lot of them, especially ones where you already login to an account that identifies you - banking, work, LinkedIn, GitHub and so on. I personally use Edge for most of these tasks for example, because with them security is what matters.