How Does the RidgeBOT Pass CAPTCHAs in a Pen Test?

by | Apr 20, 2020 | AI in Automated Pen Test

CAPTCHAs—Completely Automated Public Turing test to tell Computers and Humans Apart.

To train a computer or “robot” to become an ethical hacker is not a trivial task. The obvious question that comes to mind is, “how can it pass CAPTCHAs—automated tests to tell computers and humans apart?” These tests, designed to be easily solvable by humans, are unsolvable by machines, like the familiar, widely used images below for almost every single login to a system. As a computer, RidgeBOT has to learn how to recognize CAPTCHAs.

Traditionally, captcha recognition is mainly through noise reduction and distortion processing on the image. Then, after cutting the image into individual parts, use the OCR optical recognition technology to identify each character. As today’s Captcha is getting more and more complex, this traditional method doesn’t work well anymore. It fails in many cases and results in a low recognition rate.

To improve the recognition rate, RidgeSecurity utilizes an active, deep-learning model for CAPTCHA recognition. In our approach, CAPTCHAs are directly converted into data arrays as input into the deep learning model. After being trained by a large volume of data samples, the model can accurately predict the results, based on its particular data array. In this way, RidgeBOT can recognize all types of CAPTCHAs and achieve the recognition rate at 96.3%+. The following table lists some of the supported CAPTCHA types and their corresponding recognition rate.

RidgeBOT is an automated penetration system, using techniques utilized by literally millions of hackers that penetrate systems. We apply the latest technologies of Artificial Intelligence to make RidgeBOTs as smart as human beings.