Monthly Archives: January 2013

Verifying Link Security

The beauty of the internet is the hyperlink. All objects in the cyberspace are essential represented by a link or URL. Obviously, this includes malicious code. Delivering an email to a user with a link to a website hosting malicious code is the first step in most attack.

How you can verify a link is safe to visit before visiting it? There is a high risk of inflecting malware or virus if you visit every suspicious link. Fortunately, UC Santa Barbara student created a project to verify the suspicious URLs by actually visiting the destination. They even follow the redirect command and visit the deep links.  The project is

Wepawet is a platform for the analysis of web-based threats. Wepawet uses a composition of approaches and techniques to execute, trace, analyze, and characterize the activity of code whose execution is triggered by visiting a web page.

However, there is one possibility that since Wepawet is hosted with a fixed IP address, the attacker could return harmless content if they detect the source IP address is the same as Wepawet address. When using this tool, it is better that you use a public accessible proxy.