Aye mateys and mateyettes, I'm such a stickler for review, review, review, have someone else review, then maybe review again, then release to the wild.
What I refer to is a typo in the morningstarsecurity.com/research/urlcrazy page. And that typo is a reference to google.com that is spelled "goole.com". Silly, I know. But when you're talking about a tool that checks for these types of things, phishing/spoofing, one-letter-off web site names and their brethren, please please please spell check before releasing. Whew (. . .) ---------------------------------------------------------------------------------------------------------------- Find it here - ------------------------------- Popularity Estimate We can estimate the relative popularity of a typo by measuring how often that typo appears on webpages. Querying goole.com for the number of search results for a typo gives us a indication of how popular a typo is. ------------------------------- ---------------------------------------------------------------------------------------------------------------- I have not run the tool myself, BUT it looks like a great tool to have in your kit. I have security questions and will return soon enough. Six, two and even Over and out - Robert On Thu, Dec 13, 2012 at 7:09 AM, swierckxlists <[email protected]> wrote: > Hi Brian, > > Part of the research/finding out if this is happening to you or your company > can be automated using the URLCrazy tool > (http://www.morningstarsecurity.com/research/urlcrazy), the tool has been > reviewed / described in this blog post: > http://www.ihackforfun.eu/index.php?title=urlcrazy-is-someone-spying-on > > Strider is a similar tool by Microsoft but URLCrazy is open source and can > be adapted to your needs if further automation is needed. > > Greets > > Steven > > On 12/12/2012 15:43, Brian Erdelyi wrote: >> >> Good morning everyone, >> >> I'd like to create a guide and checklist for detecting phishing attacks. >> I want to focus on server side. What can a website admin do to detect >> phishing attacks and spoofed websites? What can a web app developer do to >> make it easier to detect phishing attacks and spoofed websites? _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
