Artemis icon indicating copy to clipboard operation
Artemis copied to clipboard

Published 20 hours ago verified publisher icon CERT-Polska

URL reputation module

Open RasenRhino opened this issue 11 months ago • 1 comments

I have opened this PR for code review and further improvements. This is an abstract idea on how I plan to proceed with this issue .
testing it alongside.

TODOS:

  • [ ] add the data to the database part
  • [ ] check for the urls (the no 404 is relatively easy so have left it for last)

The test script that has been translated to this module can be looked at here one can probably use this for testing purposes. just a simple html website with a few bad urls which I was using while developing this script. just serve it through any live server and point it to the base url.

RasenRhino avatar Mar 27 '24 10:03 RasenRhino

The overall logic seems fine. The main two things to improve would be:

  • add reporting capabilities, so that malicious outgoing links would be included in automatic reports generated by Artemis
  • research what methods of identifying bad URLs are available - the one you chose detects only direct malware download links as malicious, which looks insufficient to me

kazet avatar Apr 18 '24 08:04 kazet