Monitoring Web Sites for Malware Injection with Web Detector

Explore a conference talk from AppSecEU 2014 that introduces WebDetector, an innovative web monitoring tool designed to detect malware injection in websites. Learn about the alarming prevalence of website vulnerabilities and how attackers exploit them to deploy malware. Discover how WebDetector periodically scans domain names, producing a maliciousness score for each page. Understand the tool's architecture, which incorporates open-source components for mirroring, file tracking, and indexing, along with heuristics to identify harmful elements like malicious JavaScript, PDFs, and link redirections. Gain insights into the tool's efficacy through deliberate testing on a controlled Wordpress installation and learn about future plans for refining detection capabilities to address more sophisticated malware strategies.