Menu
Does anyone know of any script injection scanners that are able to detect if your website has been compromised (i.e. javascript that has been injected that should just not be there)?
217
It is difficult: you need to test every URL of your application and check if specific patterns are present in the reply (and it is very difficult to have a good algorithm which can understand which is good and bad javascript, or you need to configure this scanner which can be long and tricky).
There is a realtime open source solution called mod security on the server side. It is a web application firewall: it can detect specific patterns in requests and / or responses. It works on apache as a module. This is mainly a production solution, and does not detect injection during development. Furthermore, you need some experiences to tune it (what is good and wrong in the data exchanges with our clients) which can be tricky and does not protect against new attacks or more intelligent attacks (re-encoding characters for instance).
By the way, another solution is to use Content Security Policy but it is not available in all browsers (well, no one at the present time, wait for Firefox 4 ;-).
84
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
