Wepawet is a platform for the analysis of web-based threats. Wepawet uses a composition of approaches and techniques to execute, trace, analyze, and characterize the activity of code whose execution is triggered by visiting a web page.
Wepawet is developed with two main goals: 1) designing, developing, and validating novel research techniques in the area of web-based malware detection and analysis, and 2) applying these techniques in practice to real security threats.
Publications and Citation
Wepawet is described in the following publications:
- Alexandros Kapravelos, Yan Shoshitaishvili, Marco Cova, Christopher Kruegel, and Giovanni VignaRevolver: An Automated Approach to the Detection of Evasive Web-based Malware
Proceedings of the USENIX Security Symposium, 2013
- Johannes Schlumberger, Christopher Kruegel, and Giovanni Vigna
Jarhead: Analysis and Detection of Malicious Java Applets
Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2012
- Timon Van Overveldt, Christopher Kruegel, and Giovanni Vigna
FlashDetect: ActionScript 3 Malware Detection
Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID), 2012
- Luca Invernizzi, Stefano Benvenuti, Paolo Milani Comparetti, Marco
Cova, Christopher Kruegel, Giovanni Vigna
EVILSEED: A Guided Approach to Finding Malicious Web Pages
Proceedings of the IEEE Symposium on Security and Privacy (SSP), 2012
- Yanick Fratantonio, Christopher Kruegel, Giovanni Vigna
Shellzer: a tool for the dynamic analysis of malicious shellcode
Proceedings of the Symposium on Recent Advances in Intrusion Detection (RAID), 2011
- Davide Canali, Marco Cova, Giovanni Vigna, Christopher Kruegel
Prophiler: A Fast Filter for the Large-Scale Detection of Malicious Web Pages
Proceedings of the World Wide Web Conference (WWW), 2011
- Marco Cova, Christopher Kruegel, Giovanni Vigna
Proceedings of the World Wide Web Conference (WWW), 2010
- Sean Ford, Marco Cova, Christopher Kruegel, Giovanni Vigna
Analyzing and Detecting Malicious Flash Advertisements
Proceedings of the Annual Computer Security Applications Conference (ACSAC), 2009
If you want to acknowledge the use of Wepawet, please use both of the following two citations:
The Wepawet team:
Problems, ideas, feedback? We are always happy to hear what you think.
The best way to contact us is via email: firstname.lastname@example.org.
Copyright Notice: © 2008–2012 The Regents of the University of California. All Rights Reserved.
Access to Wepawet is provided for internal use by end-users only. All other uses are expressly prohibited. Note that many of the research ideas behind Wepawet are brought to the next level by Lastline, Inc., a security company that brings our academic research to the market.
Warranties, or lack thereof: This service is offered “as is”, without warranty of any kind; we shall not be liable for any damages caused by the use of this service. Notice in particular that while we do our best to make Wepawet accurate, there may be errors in the results that it provides: for example, a benign site may be flagged as malicious, and a malicious resource may be considered benign. Use your judgment when acting on the results of this service.
Data sharing: Data submitted to this service may be re-used in other projects and research of our group. Furthermore, it may be shared with trusted members of the security community to enhance our collective malware intelligence, improve tools, and general goodwill. Let us know if this is cause for concern: we can probably find a way to work with you.
Privacy: When you use this service, we keep track of your IP address for monitoring and management purposes. Furthermore, we rely on a number of third-party services to provide additional services and functionalities: Google Analytics for web analytics, Disqus and Google Docs for commenting and feedback. Please, refer to their privacy policies for more details on what information they collect on you.