Re: Web Content Change Management / Scanner

[Brian Reilly <reillyb () GEORGETOWN EDU>]

On 8/3/06, Randy Grimshaw <rgrimsha () syr edu> wrote:
> I would like to investigate remote tools that traverse our web
> presence, track changes, and scan those changes for hostile code, links,
> images etc.
>
> any suggestions are gratefully accepted.

Randy,

It might not be exactly what you're looking for, but if the web
content is indexed by Google, you should be able to find (some)
hostile code with the Metasploit Malware Search tool
(http://www.metasploit.com/research/misc/mwsearch/mwsearch.html).
You'll have to modify the source (written in Ruby) to make it
site-specific and search through all of its malware signatures.
You'll also need a Google API key.  The malware signature DB isn't
huge, but it's due to be updated and you can generate your own
signatures.  May be worth checking out.

--Brian