Friday, 13 October 2006
TippingPoint Launches Monkeyspaw, Open Source Phishing Research Tool |
| |
|
| |
TippingPoint has developed a phishing research tool called Monkeyspawthat checks web sites for legitimacy and reports fraudulent sites. "TippingPoint is contributing Monkeyspaw to the public to help investigators analyse and report phishing and other malicious web sites," said Tod Beardsley, Monkeyspaw creator and lead counter-fraud engineer at TippingPoint.
Monkeyspaw is used to determine the owner of a particular web server, collect web server configuration information, determine the location of the site, and finally, report fraudulent sites to nearly 50 international organisations through CastleCops. CastleCops reports malicious activity directly to groups including the Federal Bureau of Investigation, Anti-Phishing Working Group, Korea Information Security Agency, and the Australian Computer Emergency Response Team, the company said.
Through the open source community, the Monkeyspaw framework can receive extended testing and development. Users are encouraged to suggest and implement useful features, such as additional reporting capabilities, advanced analysis techniques, and extended cross-correlation. Monkeyspaw is freely available, and can be downloaded here.
|
| |
|
|
| |
|
|
| |
|
|
| |
|
