Webinspect project
My current programming project is called "Webinspect". A web based tool for safe analysis of web sites that you would prefer a second opinion on before visiting. No matter whats on that site, you wont get exposed to harmful or malicious content as trojans, worms, rouge antivirus, or profane movies or pictures.
Why webinspect? Anyone interested in IT security, professional or amateur, may at some point have a reason for getting a safe sneak preview on a website before letting one get exposed to it's content. This project may aim slightly more at professionals and geeks, but anyone can use it for free.
Situations when you would use it
- Received a link from someone, and in doubt of where that link would lead you
- IT forensic situations where you need a direct look at the structure of a specific web page, and also get someone else's opinion on it's rating
- Get a sneak preview of the page and it's content in an environment where you are blocked by a proxy or web filter. As long as Webinspect isn't blocked, it will work
- Curiosity! Get to know more about HTML, CSS, or what web server someone else is using
Features
Now, some of the planned features are not there yet. The reason for letting people now before it's all finished, is that tools like this generally get better with some beta testers to help out. Some of the good stuff:
- View HTTP response information.
- Information on what web server is used.
- Detection of binary content, regardless of what information is sent from the HTTP get response.
- Detection of links listed as malicious. Webinspect uses malc0de lists, updated on a daily basis. Currently, only the submitted URL is checked, but soon all links within the target URL will be checked.
- A full list of all links on the web page is presented. Including; plain links, JavaScript links, iframes, form targets.
- Secure analysis. All retrieved content is handled by Webinspect. No content or side effects will be executed in your browser. This will also make it easier for security analysts to quickly view a potentially malicious target without the need for locked down computers or proxy/firewall openings.
- Choose your own user agent. This is of course a faked user agent, but security wise it can be interesting to see the difference in retrieved content depending on what web browser or operating system is loading the page. List of user agents will grow.
Other features can be added of course. The future of Webinspect will depend on features I would prefer, your input and ideas, and last but not the least my programming skills.
Go ahead!
Take a look at Webinspect on http://webinspect.arbi.se. At the moment, a username and password is needed. This is because Webinspect is only in beta phase, and I would also like to have control of how the tool is used and lessen the risk of overloading the tool and the server. A login can be requested at the webiste. There is also a forum you can register to.
At the moment I believe that update information and bug discussions are better placed at the forum, and general discussions could take place here. We'll see. Short information on major changes will be announced on Twitter.