Captchas are used on many websites to protect user accounts from bots and other automated programs, preventing them from accessing the website. According to Imperva's research, harmful bots generate 25.6% of all web traffic in 2020. They are used by spammers to send automated messages to users, and by hackers to attack websites with automated scripts that often wreak havoc on the site’s performance.
Detecting and preventing malicious activity such as botnet attacks is a critical area of focus for threat intel analysts, security operators, and threat hunters. Taking up the Mozi botnet as a case study, this blog post demonstrates how to use open source tools, analytical processes, and the Elastic Stack to perform analysis and enrichment of collected data irrespective of the campaign.