Breaking down Akamai's mobile bot management SDK on Android — the encryption sch...
martinsummers
Chromium requires Visual Studio 2022 >= 17.0.0. You must install the following:
Yacine Sellami
In this post, I will be covering a dynamic JavaScript and Java anti-bot solution...
obfio
Benchmarking Python's HTTP stack to its limits — comparing aiohttp, httpx, and c...
tjaycodes
In the expanding world of AI my heart still lies in AST transforms, browser fing...
nullpt.rs
In this blog, I'll be reverse-engineering the custom Twitter JS challenge used f...
In this blog I'll be doing web reverse-engineering on Twitter. For context, I ha...
This is part 2 to a series where I'm showing the process of reverse engineering ...
Firstly, I want to introduce PerimeterX (PX) anti-bot. PX is a very common anti-...
The main reason for reverse engineering an anti-bot, which we did in part 1, is ...
This is the final part of a 3 part series covering the X-Client-Transaction-Id
Exploring how Cloudflare's Turnstile CAPTCHA detects automated clicks, and how C...
I’m conflicted every time I write one of these posts.
Passwords are dying—slowly, awkwardly, and not without a fight. Large parts of t...
This project was entered into as a learning experience, to enhance my knowledge ...
And How to Use It to Identify Malicious Traffic
John Althouse
A technical walkthrough of Shape Security's JavaScript VM-based protection — unp...
svebaa
In today's article we will look over file manipulation and debugging of NodeJS a...
Nero
[Improving Antibot Biometric Protections Through Threat Intelligence and Reverse...
Atlas
ShapeSecurity's Javascript Virtual Machine(VM) has a remarkable reputation for b...
botting.rocks
In previous part, we talked about the VM Internals especifically about the VM Ma...
Okay, now that we have finished talking about the VM Machinery in part 1 and the...
Today we are diving a little to see how @babel/traverse
In-Depth Control-Flow-Flattening Analysis
On October 10th, 2023, I stumbled upon an arbitrary code execution vulnerability...
SteakEnthusiast
FairPlay comprises a set of algorithms created by Apple for digital rights manag...
Nicolò Altamura
As of 2023, Grand Theft Auto V remains the second best-selling video game at 185...
In this blog post, I will be documenting the journey veritas and I took to extra...
Debuggers serve as invaluable tools that empower developers to halt code executi...
Exploring native functions on Android tutorial. Mobile penetration testing often...
Moty Manelis
](https://www.mimic.sbs/antibot/On-Anti-Bot-Biometric-Protections.md/)
The second part of deobfuscating Imperva's utmvc anti-bot script — diving deeper...
yog
This article I am going to show you how you can use various tools to reverse eng...
In part 1 we successfully revealed all of the strings in the script. In this par...
enter: (node: t.Node, opts?: any) => void,
Of course, we used it on this blog to reverse engineer a good part of Incapsula ...
This is a continuation of a series. If you haven't read the previous post, click...
A deep dive into Kasada's virtualization obfuscation on Nike.com — reverse engin...
TikTok has a reputation for its aggressive data collection. In fact, an article ...
In this post, we will be continuing what we did in part 1, focusing on making a ...
In this post, we will be targetting and reverse engineering the CoinMarketCap(CM...
Sometimes when working on scraping some website you look into JavaScript code an...
rl1987
This article assumes a preliminary understanding of Abstract Syntax Tree structu...
Deobfuscating Javascript via AST: Converting Bracket Notation => Dot Notation fo...
Welcome to the first article in my series about Javascript deobfuscation. I won’...
A deep dive into building disassemblers for virtual machine-based code obfuscati...
Tim Blazytko
We've been through quite a ride till now, but it only gets better. Today we'll t...
Our script got to be pretty beautiful, we might say. But, let's look at some sni...
Last time, we've made great progress in making the script a little more human-fr...
NodeJSinstalled, a text editor or IDE (in my case I useVSCode) and most preferab...
We've got over the first part! After beautifying the file, it looks something li...
Let’s imagine for a second you want to bot a website. Though, why would you wann...
We got to the point I’ve been waiting for: AST Manipulation and Regex.
A mathematical model for generating realistic human mouse movements — combining ...
Benjamin J. Land
There's no two ways about it, Python is slow.
Kevin Chung
Jscrambler, a leader in JavaScript Client-side security makes claims to “Bullet-...
Hello folks, due to the overwhelmingly positive feedback of the last two article...
In part 1 we covered how Supreme fetches data from the mobilestock endpoint. We ...
