H.D. Moore, head of the Metasplotit Framework, announced a new, interesting project. With the help of google, he published a search engine for finding malicious software.
This works quite simple. Based on known fingerprints, it searches for them via google. The trigger for this Project has come from the Websense guys, who had the intention to build a similar engine, but based upon SOAP and the google API. But that stuff turned out to be non free, and far less powerful than initally announced.
So why search for malware? For research for example, or for simply testing one’s own security policy. But be aware, malware found by google can be seen as rather aged, and is not a suitable metric for the quality of a defending software framework.
Bookmark to:
Ja, ja. google. So sind sie halt.
Da kann ich ja meine Frage auch auf deinem (übrigens wirklich ansprechenden) blog noch mal aufwerfen:
Wenn man direkt malware verlinken kann, stoßen ja auch irgendwann crawler darauf. Hat eigentlich schon mal jemand versucht, diese zu exploiten… ?
Originaltext
ralle am 2006-11-15