
Antoine Vastel is joining Castle as Head of Research
Bot detection is broken. Attackers have moved far beyond basic bot scripts—they’re leveraging AI, residential proxies, and sophisticated
Research and insights on stopping modern bots and fraud
Bot detection is broken. Attackers have moved far beyond basic bot scripts—they’re leveraging AI, residential proxies, and sophisticated
Disposable email addresses are temporary inboxes that allow users to receive messages without linking the address to a long-term identity.
In every HTTP request, the user agent header acts as a self-declared identity card for the client—typically a browser—
Bots are often used to conduct attacks at scale. They can be used to automatically test stolen credit cards, steal
This is the third article in our series on anti-detect browsers. In our previous article, we analyzed Undetectable, a widely
The good old days where bots used PhantomJS and could be detected because they didn’t support basic JavaScript features
Headless Chrome bots powered by Playwright have become a go-to tool for bot developers due to their flexibility and efficiency.
Headless Chrome bots powered by Puppeteer are a popular choice among bot developers. The Puppeteer API’s ease of use,
This is the second article of our series about anti-detect browsers. In the first article, we gave an overview of
This is the first article of a series about anti-detect browsers. In this article, we provide an overview of anti-detect
Bot detection is broken. Attackers have moved far beyond basic bot scripts—they’re leveraging AI, residential proxies, and sophisticated
In a previous blog post, we talked about canvas fingerprinting, a technique commonly used to detect fraudsters and bots. In
Browser fingerprinting leverages different JavaScript attributes related to the user's device, OS, and browser. When it comes to