Honeypots mailing list archives
Fwd: Checking your site with SpyBye
From: "Niels Provos" <provos () gmail com>
Date: Tue, 20 Feb 2007 08:02:27 -0000
FYI - some people here might find this interesting. ---------- Forwarded message ---------- From: "Niels Provos" <pro... () gmail com> Date: Feb 19, 8:25 pm Subject: Checking your site with SpyBye To: stopbadware There has been a recent flurry of messages from web masters who would like better tools to check if their web pages are dangerous. I spent the last few evenings, writing a tool that can help exactly with that. The result is SpyBye: http://www.spybye.org/ SpyBye has been implemented as a simple proxy server on top of libevent. To start, you need to configure your web browser to use SpyBye as proxy. SpyBye then traces all requests made as a result of visiting a web page and classifies them into harmless, unknown and dangerous. The classification is based on patterns and not very sophisticated. However, by using your browser to drive a web page, we get to see requests that might otherwise be hidden from us, for example, due to javascript obfuscation. Once an URL has been analyzed, you see a result similar to this: http://www.spybye.org/uploads/spybye.jpg Based on the analysis, it should be straight forward to determine if your web site does something unexpected. I hope this works for you. Niels.
Current thread:
- Fwd: Checking your site with SpyBye Niels Provos (Feb 20)