How secure are your web page’s from exploits? This all depends who you’re asking. If you are asking the host company than more than likely they have security in place to block potential holes that can lead to server attacks. If you are asking the owner of a website, they will, in most cases say their website is free of Malware.
Web pages that contain exploits often use a series of redirects and obfuscated code to make it more difficult for somebody to follow. This type of exploit is hidden from the user, but it resides in the HTML code within a web page.
There’s an effective way to check if your website or blog contains Malware by downloading Malzilla.
What’s Malzilla?
MalZilla is a program that is capable of finding malicious code on web page’s. It allows you to choose your own user agent and referrer, and has the ability to use proxies. It shows you the full source of web page’s and all the HTTP headers. It gives you various decoders to try and deobfuscate JavaScript as well.
How to install Malzilla
- Download the files
- Extract all files
- Double click on Malzilla icon and select run
Once Malzilla is running, enter a URL you would like to check. You can select to send all scripts to decoder and all links within your code to be parsed. This will allow you to uncover hidden code that could have Malware.
How to check if your website is listed as a dangerous domain:
Malware Domain List provides a list of websites that are considered to be dangerous: http://www.malwaredomainlist.com/mdl.php
Do not click on any of the links on this page.
You can search for sites you frequently visit to ensure they’re not listed as well.
Thanks for sharing this information about this pretty helpful tool. I agree with this: If you are asking the owner of a website, they will, in most cases say their website is free of Malware.I myself as an owner of a blog would say I am malware free. So it’s really best to check it out on your own. Much safer too.
Andrew,
I like it, but you have to play around with it to get familiar with programs navigation.
This is of course a good information, but I think it required some skill to identify malicious code.
McAfee’s FileInsight (http://www.webwasher.de/download/fileinsight/) is also a good tool to find out malicious code on a web page, but little complicated.
Nice information Frank. I usually use Google website diagnostic tool – http://www.google.com/safebrowsing/diagnostic?site=website url and http://www.trusteer.com/FIsearch/open_search.php for this purpose.
Arafat,
Nice share and thank you for adding that little extra!
Thanks for sharing this sofware. It would a great help.
Nice Blog..