"ruhroh" but backwards.
Ever had someone uploading files that weren't malware or malicious, but were instead HTML files used to redirect someone to somewhere else malicious? If so, then this library is for you.
It's a late-night, "how could this work" swing at easily identifying this class of annoying but not malware scannable files (really only HTML files at this time, since, you know... "redirects" implies a browser).
go get github.com/ttacon/horhur
go get github.com/ttacon/horhur/cmd
horhur -f https://twitter.com
- Meta-refresh
- JS history changes
- JS writing to document
- Web server 3XX