Assessing a site to see if it’s malicious is very difficult and cumbersome.  However, by using some very simple GUI tools, this process can become quite intuitive.

This module focuses on an introduction to Malzilla & JSDetox, very usefuls tool for assessing websites for client-side exploitation.

  • Create your own client-side honeypot
    • Github: buffer/thug
    • Cuckoosandbox.org
  • Use online tools for increased confidence
    • wepawet.iseclab.org
    • VirusTotal.com
  • New tools entering arena:
    • Revelo (kahusecurity.com)
    • Javascript Deobfuscation Firefox Plugin


You must Sign-In to post a comment.