Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

http-unsafe-host.nse - Script to check if host is known for distributing malware or being used in phishing attacks

From: Paulino Calderon <paulino () calderonpale com>
Date: Mon, 04 Jul 2011 01:05:26 -0700
Hi nmap-dev,
I'm attaching 'http-unsafe-host.nse', feedback is welcomed. You can try it against some malware infected sites from http://www.malwareblacklist.com/showMDL.php 

description = [[
http-unsafe-host checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.
To use this script you need to have your own API key to access Google's Safe Browsing Lookup services. Sign up for yours at http://code.google.com/apis/safebrowsing/key_signup.html 

* To learn more about Google's Safe Browsing:
http://code.google.com/apis/safebrowsing/

* To register and get your personal API key:
http://code.google.com/apis/safebrowsing/key_signup.html
]]
---
-- @usage
-- nmap -p80 --script http-unsafe-host <host>
--
-- @output
-- PORT   STATE SERVICE
-- 80/tcp open  http
-- |_http-unsafe-host.nse: Host is known for distributing malware.
--
-- @args http-unsafe-host.url URL to check. Default: <code>http/https</code>://<code>host</code> 
---

Cheers.

--
Paulino Calderón Pale
Web: http://calderonpale.com
Twitter: http://www.twitter.com/paulinocaIderon

Attachment: http-unsafe-host.nse
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: