CAPTCHA gating is the practice of placing a CAPTCHA challenge in front of content, downloads, or redirects so a visitor must solve it before continuing. In security terms, it is an access barrier that can separate human users from automated tools such as crawlers, sandboxes, and bot-driven scanners.
Attackers use CAPTCHA gating to add friction to analysis. A malicious page may show harmless content to automated systems, delay payload delivery, or require a human interaction before revealing a loader, redirect, or download link. That can reduce what defenders see on the first pass and make static or automated inspection less effective. Defenders also use CAPTCHA as a rate-limit or abuse-control measure, but on suspicious sites it should be treated as an evasion signal, especially when paired with obfuscation or staged execution.