FYI - some people here might find this interesting.
---------- Forwarded message ----------
From: "Niels Provos" <pro..._at_gmail.com>
Date: Feb 19, 8:25 pm
Subject: Checking your site with SpyBye
To: stopbadware
There has been a recent flurry of messages from web masters who would
like better tools to check if their web pages are dangerous. I spent
the last few evenings, writing a tool that can help exactly with
that. The result is SpyBye:
http://www.spybye.org/
SpyBye has been implemented as a simple proxy server on top of
libevent. To start, you need to configure your web browser to use
SpyBye as proxy. SpyBye then traces all requests made as a result of
visiting a web page and classifies them into harmless, unknown and
dangerous. The classification is based on patterns and not very
sophisticated. However, by using your browser to drive a web page, we
get to see requests that might otherwise be hidden from us, for
example, due to javascript obfuscation.
Once an URL has been analyzed, you see a result similar to this:
http://www.spybye.org/uploads/spybye.jpg
Based on the analysis, it should be straight forward to determine if
your web site does something unexpected.
I hope this works for you.
Niels.
Received on Feb 20 2007
Intro
