Honeypots mailing list archives

Fwd: Checking your site with SpyBye


From: "Niels Provos" <provos () gmail com>
Date: Tue, 20 Feb 2007 08:02:27 -0000

FYI - some people here might find this interesting.


---------- Forwarded message ----------
From: "Niels Provos" <pro... () gmail com>
Date: Feb 19, 8:25 pm
Subject: Checking your site with SpyBye
To: stopbadware


There has been a recent flurry of messages from webmasters who would
like better tools to check if their web pages are dangerous.  I spent
the last few evenings writing a tool that can help exactly with
that.  The result is SpyBye:

 http://www.spybye.org/

SpyBye has been implemented as a simple proxy server on top of
libevent.  To start, you need to configure your web browser to use
SpyBye as proxy.  SpyBye then traces all requests made as a result of
visiting a web page and classifies them into harmless, unknown and
dangerous.  The classification is based on patterns and not very
sophisticated.  However, by using your browser to drive a web page, we
get to see requests that might otherwise be hidden from us, for
example, due to JavaScript obfuscation.

Once a URL has been analyzed, you see a result similar to this:

 http://www.spybye.org/uploads/spybye.jpg

Based on the analysis, it should be straightforward to determine if
your web site does something unexpected.

I hope this works for you.

Niels.
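
The three-way, pattern-based classification the message describes, sketched as an added example (not part of the original post and not SpyBye's own code). The pattern lists, the same-host rule, the precedence of dangerous over harmless, and all .test host names are assumptions constructed for illustration.

```python
from fnmatch import fnmatchcase
from urllib.parse import urlsplit

# Hypothetical pattern lists (assumptions, not SpyBye's shipped rules).
GOOD_PATTERNS = ["*.example-cdn.test/*"]
BAD_PATTERNS = ["*.bad-ads.test/*", "*/install.exe"]

def _host_and_key(url):
    """Return (host, '.host/path'); the leading dot lets '*.domain/*'
    match both the bare domain and any of its subdomains."""
    parts = urlsplit(url)
    host = parts.hostname or ""          # .hostname is already lower-cased
    return host, "." + host + (parts.path or "/")

def classify(url, page_url):
    """Classify one request made while loading page_url."""
    host, key = _host_and_key(url)
    page_host, _ = _host_and_key(page_url)
    # Bad patterns are checked first, so a flagged path stays flagged
    # even when it is served from the site being checked.
    if any(fnmatchcase(key, p) for p in BAD_PATTERNS):
        return "dangerous"
    if host == page_host or any(fnmatchcase(key, p) for p in GOOD_PATTERNS):
        return "harmless"
    return "unknown"

def report(page_url, requests):
    """Group every request the proxy recorded for one page visit."""
    result = {"harmless": [], "unknown": [], "dangerous": []}
    for url in requests:
        result[classify(url, page_url)].append(url)
    return result

# Constructed sample: requests a proxy might record for one page load.
PAGE = "http://www.mysite.test/index.html"
REQUESTS = [
    "http://www.mysite.test/index.html",
    "http://www.mysite.test/style.css",
    "http://static.example-cdn.test/lib.js",
    "http://counter.stats.test/hit.gif",
    "http://JS.Bad-Ads.test/load.js",
    "http://www.mysite.test/files/install.exe",
]

if __name__ == "__main__":
    for verdict, urls in report(PAGE, REQUESTS).items():
        print(verdict, len(urls), urls)
```
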

