
UnmaskParasites.com – simple web page security audit

I picked this one up a while back from a website security check post at ghacks, but it managed to get lost in my bookmarks until recently.

Insertion of malicious code into a web page is a typical outcome of a site getting hacked, and it is often tricky to catch and figure out, especially if effort is spent to hide it from the site admin. Unmask Parasites is an online service that breaks a page down into links and scripts to make it easier to spot unwanted additions.

What it does

The site takes a URL as input and, after a snappy analysis, gives you a report. There is a rough overall verdict (clean or not), but the site itself urges you to take a look at the details.

The report includes plenty of details, including:

  • redirect status, if present;
  • page generator tag;
  • Google Safe Browsing estimate for the page;
  • detailed breakdown of links on page;
  • suspicious scripts.

Strong features

The list of links makes up the bulk of the report and is the most useful part. Links are grouped by domain, marked with a count, and split into anchor texts and actual URLs. This makes it very easy to spot something that shouldn't be on the page.
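A local version of the link breakdown described above, as an added example that is not part of the original post and not the Unmask Parasites service's own code. It groups a page's links by domain with anchor text and URL, and goes a little further by also listing every script and image source; the names PageBreakdown and breakdown and the sample page are made up for illustration.

```python
from collections import Counter, defaultdict
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed sample page; the example.* hosts are placeholders.
SAMPLE = """<a href="/about">About</a> <a href="http://example.com/blog/">Blog</a>
<a href="http://example.net/offers" style="display:none">discount offers</a>
<a href="http://example.net/more"></a>
<script src="http://example.org/counter.js"></script>
<img src="http://example.net/pixel.gif" width="1" height="1">"""

class PageBreakdown(HTMLParser):
    """Hypothetical helper: group links, scripts and images by target domain."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.links = defaultdict(list)      # domain -> [(anchor text, URL)]
        self.resources = defaultdict(list)  # domain -> [(tag, URL)]
        self._href, self._text = None, []   # state for the <a> being read

    def _add(self, bucket, url, first):
        url = urljoin(self.base_url, url)   # resolve relative URLs
        bucket[urlparse(url).hostname or "(no host)"].append((first, url))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "a" and attrs.get("href"):
            self._href, self._text = attrs["href"], []
        elif tag in ("script", "img") and attrs.get("src"):
            self._add(self.resources, attrs["src"], tag)

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self._add(self.links, self._href, " ".join("".join(self._text).split()))
            self._href = None

def breakdown(html, base_url):
    """Return (links, resources, external reference counts) for a page."""
    p = PageBreakdown(base_url)
    p.feed(html)
    p.close()
    own = urlparse(base_url).hostname
    refs = list(p.links.items()) + list(p.resources.items())
    external = Counter(d for d, items in refs if d != own for _ in items)
    return dict(p.links), dict(p.resources), dict(external)
```

Links with empty anchor text are kept in the output on purpose, since a link nobody can see is exactly the kind of addition worth a second look.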

The service URL has an easy format and a bookmarklet is also provided, which makes it convenient to check multiple pages.

Downsides

While link analysis is comprehensive, script analysis is much less so. Common scripts seem to be skipped without mention. That doesn't mean they are harmless: Google AdSense is not included in the report, but maliciously added or changed code for it would be nothing good.

I also noticed that the newer asynchronous Google Analytics code is marked as suspicious.

It would make sense to include images. They are commonly used in tracking scripts, and spreading malware through images alone is not unheard of.

Overall

An excellent and easy-to-interpret security report that is slightly lacking in the scripts department. It is not absolutely comprehensive, but it is an excellent place to start.

Link http://www.unmaskparasites.com/


4 Comments

  • The DataRat #

    . Thanx, Rarst ! . The PC Rat .
  • Rarst #

    @DataRat For what? :) You are welcome anyway.
  • The DataRat #

    . "For what?" . For providing us with useful info like this on checking for malicious code in our Web sites. You publish this stuff, Rarst, and often we don't have much to comment specifically on the article. It's valuable, yet we just don't have a question or particular opinion to espouse. So I just wanted to say "thanx" for all of us who read your blog and benefit thereby. . The DataRat .
  • Rarst #

    @DataRat By the way, do you run any sites? :) I don't think you have ever filled in the URL field or mentioned any. Thankfully, after many months I have long surpassed doubts that there are people who read and appreciate my posts. :) Awesome and active commenters like you don't let me forget that. I am considering a button to click that shows "X readers liked this" or something like that for the new theme. On the fence about the idea. It gives an option for when a comment isn't really needed, but it can also be clutter of a function.