Checks if hosts are on Google's blacklist of suspected malware and phishing servers. These lists are constantly updated and are part of Google's Safe Browsing service.
To do this the script queries the Google's Safe Browsing service and you need to have your own API key to access Google's Safe Browsing Lookup services. Sign up for yours at http://code.google.com/apis/safebrowsing/key_signup.html
- To learn more about Google's Safe Browsing:
- To register and get your personal API key:
URL to check. Default:
API key for Google's Safe Browsing Lookup service
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusernameSee the documentation for the smbauth library.
http.max-cache-size, http.max-pipeline, http.pipeline, http.useragentSee the documentation for the http library.
nmap -p80 --script http-google-malware <host>
PORT STATE SERVICE 80/tcp open http |_http-google-malware.nse: Host is known for distributing malware.
Author: Paulino Calderon
License: Same as Nmap--See http://nmap.org/book/man-legal.html