Identify And Analyze Malicious Webpages

Update: Malzilla hs not been updated since 2008 which indicates that the project has been abandoned by its developers. While still available for download, it may not be up for the task anymore considering that years have passed in the meantime. Much of what Malzilla offers is also available in Developer Tools that browsers ship with nowadays. These tools can be opened with a tap on F12 in the browser of choice.

Malicious web pages make sometimes use of a series of redirects and code obfuscations to make it difficult for users to identify and analyze the threat.

Malzilla is an open source software program for Windows that steps in and aids researchers in identifying and analyzing JavaScript code on webpages.

The name stems from the fact that Malzilla is based on the Firefox JavaScript engine SpiderMonkey. It basically provides opportunities to load a webpage in the program using custom referrers, User-Agents, cookies and proxies.

The application will display the source code and the http header of the webpage in the interface. The user can view the webpage in text mode, hex view, cookie mode and use a links parser. Single or multiple scripts can be sent to a script decoder to decode them if possible.

To use it you enter the url of the website or page you want to analyze and click on get afterwards. This retrieves the page and fills all tabs with information.

From there, you can sent any script to the decoder for analysis with options to run it in the decoder tab as well.

Some of the interesting features:

• JavaScript decoder
• Decode Hex, USC2 and Base64
• Link Parser
• Clipboard Monitor
• Hex Viewer
• Note taking
• IP Converter

Malzilla is not a tool for just anyone but it can be very helpful for analyzing webpages. It definitely eases the process of analyzing and identifying webpages.