Hackers of India
Award

CAPTCHA Hax With TesserCap

By Gursev Singh Kalra on 17 Nov 2011
๐Ÿ’ป Source Code ๐Ÿ”— Link
#web-security #bypassing #authentication
Focus Areas: ๐Ÿ” Application Security , ๐Ÿชช Identity & Access Management , ๐ŸŽฏ Penetration Testing , ๐ŸŒ Web Application Security

Abstract

Recognized as Web Hacking Top 10 Techniques in the year 2011

From: http://gursevkalra.blogspot.com/2011/11/captcha-hax-with-tessercap.html

With the goal of creating a tool that can help security professionals and developers to test their CAPTCHA schemes, I conducted a research on over 200 high traffic websites and several CAPTCHA service providers listed on Quantcastโ€™s Top 1 Million Ranking Websites .

During the same time frame, students at the Stanford University also conducted a similar research (PDF) . Both research works concluded the obvious:

An alarming number of CAPTCHAs schemes are vulnerable to automated attacks.