Checking whether a host is flagged by Google Safe Browsing for malicious activities
System administrators hosting users often struggle with monitoring their servers against malware distribution. Nmap allows us to systematically check whether a host is known for distributing malware or being used in phishing attacks, with some help from the Google Safe Browsing API.
This recipe shows system administrators how to check whether a host has been flagged by Google's safe browsing service as being used in phishing attacks or distributing malware.
Getting ready
The http-google-malware
script depends on Google's safe browsing service, and it requires you to register to get an API key. Register at https://developers.google.com/safe-browsing/?csw=1.
How to do it...
Open your favorite terminal and type the following:
$nmap -p80 --script http-google-malware --script-args http-google-malware.api=<API> <target>
The script will return a message indicating if the server is known by Google's safe browsing...