Research
·
What a Binance CAPTCHA solver tells us about today’s bot threats
In this post, we analyze an open-source CAPTCHA solver designed to bypass a custom challenge deployed on Binance, one of
Antoine Vastel
Antoine is currently the Head of Research at Castle. In this role, he focuses on improving Castle's bot detection engine using different approaches, including behavioral detection, and fingerprinting.
Latest
Research
·
Detecting Hidemium: Fingerprinting inconsistencies in anti-detect browsers
This is the fourth article in our series on anti-detect browsers. In the previous post, we explained how to detect
Research
·
Detect and crash Chromium bots with one weird trick (bots hate it!)
Disclaimer: If you're here for the holy grail of bot detection, this may not be it, unless your
Research
·
Fraudulent email domain tracker: April 2025
This is the first release in a new Castle series highlighting email domains associated with fraudulent activity. Our goal is
Research
·
Understanding disposable emails
Disposable email addresses are temporary inboxes that allow users to receive messages without linking the address to a long-term identity.
Research
·
How dare you trust the user agent for bot detection?
In every HTTP request, the user agent header acts as a self-declared identity card for the client—typically a browser—
Research
·
Why traditional bot detection techniques are not enough, and what you can do about it
Bots are often used to conduct attacks at scale. They can be used to automatically test stolen credit cards, steal
Analyzing anti-detect browsers: How to detect scripts injected via CDP in Chrome
This is the third article in our series on anti-detect browsers. In our previous article, we analyzed Undetectable, a widely
Research
·
Bot detection 101: How to detect bots In 2025?
The good old days where bots used PhantomJS and could be detected because they didn’t support basic JavaScript features
Research
·
How to detect Headless Chrome bots instrumented with Playwright?
Headless Chrome bots powered by Playwright have become a go-to tool for bot developers due to their flexibility and efficiency.
Research
·
How to detect Headless Chrome bots instrumented with Puppeteer?
Headless Chrome bots powered by Puppeteer are a popular choice among bot developers. The Puppeteer API’s ease of use,
Research
·
Anti-detect browser analysis: How to detect the Undetectable browser?
This is the second article of our series about anti-detect browsers. In the first article, we gave an overview of