Automating web browsers with Selenium

I have a new fun toy to play with: Selenium makes it possible for you to automate web tasks. After you start the Selenium server (a java command line program) you can get access to the browsers you have installed (Firefox, MSIE, Opera, Konqueror, you name it) and use the Selenium API to simulate user interaction with the browser in your favorite programming language (Java, Perl, PHP, Python, Ruby or C#). You can even use a Firefox extension to record your actions to rapidly develop these test cases. Read the rest of this entry »

Honeypots for spambots

I had a look around for Honeypot concepts again. These are “traps” laid out for spidering robots that harvest email addresses from websites. If some robot access the honeypot, it will be completely blocked out from the site for some time, see the meshapsteps CVSTrac for an example of it in action. Apart from the two evolt.org articles “Using Apache to stop bad robots” and “Stopping Spambots II – The Admin Strikes Back” that I read some time ago, too, I found two Apache modules that are aimed for the same thing, Robotcop and Bottrap mod_perl. Of course you can use PHP to automate security, too. Another idea that might prove useful is to deliberately provide email addresses for spambots that are only meant to be used to feed the spam filter.

And as for Virii and Trojans, VirusTotal let’s you upload files for inspection by a broad collection of antivirus scanners, maybe even helping the AV software developers out. This would work nicely combined with “real” Honeypots like mwcollect or Nepenthes.