Home page logo
/
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News

File http-google-malware

Script types: portrule
Categories: malware, discovery, safe, external
Download: http://nmap.org/svn/scripts/http-google-malware.nse

User Summary

Checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.

To do this the script queries the Google's Safe Browsing service and you need to have your own API key to access Google's Safe Browsing Lookup services. Sign up for yours at http://code.google.com/apis/safebrowsing/key_signup.html

  • To learn more about Google's Safe Browsing:
http://code.google.com/apis/safebrowsing/

  • To register and get your personal API key:
http://code.google.com/apis/safebrowsing/key_signup.html

Script Arguments

http-google-malware.url

URL to check. Default: http/https://host

http-google-malware.api

API key for Google's Safe Browsing Lookup service

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

Example Usage

nmap -p80 --script http-google-malware <host>

Script Output

PORT   STATE SERVICE
80/tcp open  http
|_http-google-malware.nse: Host is known for distributing malware.

Requires


Author: Paulino Calderon <calderon@websec.mx>

License: Same as Nmap--See http://nmap.org/book/man-legal.html

action

action (host, port)

MAIN

Parameters

  • host:
  • port:

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]