Breaking down Akamai's mobile bot management SDK on Android — the encryption sch...
martinsummers
In this post, I will be covering a dynamic JavaScript and Java anti-bot solution...
obfio
In this blog, I'll be reverse-engineering the custom Twitter JS challenge used f...
In this blog I'll be doing web reverse-engineering on Twitter. For context, I ha...
This is part 2 to a series where I'm showing the process of reverse engineering ...
Firstly, I want to introduce PerimeterX (PX) anti-bot. PX is a very common anti-...
The main reason for reverse engineering an anti-bot, which we did in part 1, is ...
This is the final part of a 3 part series covering the X-Client-Transaction-Id
Exploring how Cloudflare's Turnstile CAPTCHA detects automated clicks, and how C...
Yacine Sellami
I’m conflicted every time I write one of these posts.
nullpt.rs
A technical walkthrough of Shape Security's JavaScript VM-based protection — unp...
svebaa
[Improving Antibot Biometric Protections Through Threat Intelligence and Reverse...
Atlas
ShapeSecurity's Javascript Virtual Machine(VM) has a remarkable reputation for b...
botting.rocks
In previous part, we talked about the VM Internals especifically about the VM Ma...
Okay, now that we have finished talking about the VM Machinery in part 1 and the...
In-Depth Control-Flow-Flattening Analysis
Nero
In this blog post, I will be documenting the journey veritas and I took to extra...
Debuggers serve as invaluable tools that empower developers to halt code executi...
](https://www.mimic.sbs/antibot/On-Anti-Bot-Biometric-Protections.md/)
The second part of deobfuscating Imperva's utmvc anti-bot script — diving deeper...
yog
This article I am going to show you how you can use various tools to reverse eng...
In part 1 we successfully revealed all of the strings in the script. In this par...
This is a continuation of a series. If you haven't read the previous post, click...
A deep dive into Kasada's virtualization obfuscation on Nike.com — reverse engin...
TikTok has a reputation for its aggressive data collection. In fact, an article ...
In this post, we will be continuing what we did in part 1, focusing on making a ...
In this post, we will be targetting and reverse engineering the CoinMarketCap(CM...
We've been through quite a ride till now, but it only gets better. Today we'll t...
Our script got to be pretty beautiful, we might say. But, let's look at some sni...
Last time, we've made great progress in making the script a little more human-fr...
NodeJSinstalled, a text editor or IDE (in my case I useVSCode) and most preferab...
We've got over the first part! After beautifying the file, it looks something li...
Let’s imagine for a second you want to bot a website. Though, why would you wann...
We got to the point I’ve been waiting for: AST Manipulation and Regex.
A mathematical model for generating realistic human mouse movements — combining ...
Benjamin J. Land
Hello folks, due to the overwhelmingly positive feedback of the last two article...
In part 1 we covered how Supreme fetches data from the mobilestock endpoint. We ...
