Research and insights on stopping modern bots and fraud
Today, May 15, 2025, Castle extends its proven behavioral detection to the network edge through a no-code, fully managed Cloudflare
A recent Hacker News post looked at the reverse engineering of TikTok’s JavaScript virtual machine (VM). Many commenters assumed
This is the second edition of our monthly tracker highlighting email domains linked to fraudulent activity. Just like in April’
In this post, we analyze an open-source CAPTCHA solver designed to bypass a custom challenge deployed on Binance, one of
Today, May 15, 2025, Castle extends its proven behavioral detection to the network edge through a no-code, fully managed Cloudflare
This is the fourth article in our series on anti-detect browsers. In the previous post, we explained how to detect
Disclaimer: If you're here for the holy grail of bot detection, this may not be it, unless your
This is the first release in a new Castle series highlighting email domains associated with fraudulent activity. Our goal is
Disposable email addresses are temporary inboxes that allow users to receive messages without linking the address to a long-term identity.
In every HTTP request, the user agent header acts as a self-declared identity card for the client—typically a browser—
Bots are often used to conduct attacks at scale. They can be used to automatically test stolen credit cards, steal
This is the third article in our series on anti-detect browsers. In our previous article, we analyzed Undetectable, a widely
The good old days where bots used PhantomJS and could be detected because they didn’t support basic JavaScript features
