Check for encoded javascript/php, check any redirects, check for any 1x1 iframes, etc wget/curl scripting can really do a lot for you and if you want to roll up your scripting sleeves, you can leverage the VirusTotal API. https://www.virustotal.com/documentation/public-api
On Wed, Dec 12, 2012 at 8:43 AM, Brian Erdelyi <[email protected]>wrote: > Good morning everyone, > > I'd like to create a guide and checklist for detecting phishing attacks. > I want to focus on server side. What can a website admin do to detect > phishing attacks and spoofed websites? What can a web app developer do to > make it easier to detect phishing attacks and spoofed websites? > > Brian > > Sent from my iPhone > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
