Author Topic: Posting Malicious Sites  (Read 6178 times)

0 Members and 1 Guest are viewing this topic.

October 25, 2007, 07:33:50 am
Read 6178 times

sowhat-x

  • Guest
...thought it would be useful to add the following info...
say in order to make the "http malware digging" process easier,
for the not-so-experienced fellas out there...  :)

Domains hosting malware come up and go down quite frequently for obvious reasons,
thereby,manually verifying "by hand" the existence of each one is quite tedious...
So,in order to check lots of http addresses in a semi-automated way,
I suggest using one of the following link checkers...
maybe there are better apps out there,
these are just the ones that I've used in the past also...

For win32 platforms...
Xenu's Link Sleuth is probably the most popular and widely known freeware link checker,
and it also seems to be updated occasionally...
http://home.snafu.de/tilman/xenulink.html
Alternatively,you could use the older "Intellitamper 2.08 Beta":
it's development has stopped and it's kind of buggy,at least in my experience...
still though,it has some useful features,eg.like directory bruteforcing etc...
It can still be found in Softpedia-alike places:
http://www.softpedia.com/get/Internet/Other-Internet-Related/IntelliTamper.shtml

Speaking of "directory bruteforcing",
if you come across some malware hosting domain that you wanna dig up some more info,
the following tool from OWASP is probably the best choice currently:
http://www.owasp.org/index.php/Category:OWASP_DirBuster_Project
It's Java-based,ie.it can be used in a cross-platform way under every OS out there...

And finally,speaking of "cross-platform compatibility",
there are more than a few Perl/Python-based tools out there that can do the trick.
Most of them can be easily found in SourceForge,eg.here's a starting point:
http://linkchecker.sourceforge.net/other.html