Bad bots traffic represents around a quarter of Internet traffic today and is predicted to increase. This traffic includes website content scanning, stolen credit card checking, denial of service, inventory... In this talk, we describe how as a security company we tackle this variety of threats, how we started our research, the challenges we faced and the solutions we provided. This talk includes an overview of the general trend in terms of popular bot programming languages, software development frameworks. Then, practical examples will be taken from the most prevalent bots from the OWASP top 10 automated threats. The general architecture of those bots will be displayed. The main components explained before drilling down to the key features they include to remain undetected. How do they evade captcha systems? How do they avoid fingerprinting? From the naive approaches we will introduce you to the most stealthy features.