Scan files for malicious code #24

as-com · 2014-07-10T23:09:29Z

As mentioned in the Gitter chat room...

Here are some ideas to start with:

Scan for domains listed on blacklists (such as this, this, this, this, this or just Google it)
Complain when it detects obfuscated code (eval(function(p,a,c,k,e,r){...}), eval(function(p,a,c,k,e,d){...}), eval(function(w,h,a,t,e,v,e,r){...}) or even just eval(function(...){...}))
Run code through this service

The text was updated successfully, but these errors were encountered:

megawac · 2014-07-10T23:19:36Z

Ya I looked at wepawet at the start of this project. Couldn't get it working and it's too slow. Need a command line tool.

If anyone has any ideas of how to identify domains in a script let me know

as-com · 2014-07-10T23:49:25Z

Have you looked at this script (graciously provided by Wepawet)?
https://gist.github.com/as-com/3ad1fa206d14f32741ce

Also, I don't think there is a need to find all domains in the files. You could just string.find all of the urls in the blacklists.

megawac · 2014-08-08T01:41:12Z

I think I'm going to punt on this one unless someone else wants to try and get it working

as-com · 2014-11-18T21:35:52Z

I just tried out VirusTotal on some malicious JavaScript, and the results may be helpful to the bot. It has an api as well.

megawac added help wanted labels Aug 8, 2014

megawac closed this as completed Feb 13, 2015

Provide feedback