URL X-Ray, Reveal URL Shortener Link Destinations
If you have ever had your browser and your computer hijacked, it can be one of the most unpleasant experiences. This sort of problem will take a lot of hours for you to clean up, and if it's really bad, it can take days and sometimes a loss of precious data and even money if you are not tech-savvy enough to fix the issue.
As an IT Security professional, I know that you need to be one step ahead of the cretins out there who are trying to scam you and the rest of the online world. The web has become a security and privacy nightmare, and I would like to help you navigate just a bit more safely.
Most recently I was selling an item on craigslist. This was honestly my first time doing so and was astounded at the amount of scammers sending me replies to my ad which also contained masked URL's using URL shorteners from services such as Bitly, and Tiny URL.
One click on these links will turn your perfectly good day into a rotten one. So the next time anyone sends you a shortened URL and you are suspicious as to what is lying behind that URL mask, try out: URL X-Ray.
You can check links right on site or make use of the bookmarklet that makes the process a bit more comfortable. It's okay to not trust every web link that is sent to you. After I generally find out about the web link and it's still looks sketchy but the curiosity is getting the best of me, I must refrain from letting gullibility take over.
Scanning the actual URL is the very next step. There's only one option for you on this dilemma. You can use the Web of Trust WOT add-in for your browser. These days I have graduated to the WOT add-in for my Chrome browser (also works in Firefox). You can also go to their website and enter the URL and you get a short, sweet easy to understand report as to what is on the site before you access the website and face potential dangers.
The four step ranking system is great in my opinion. The other part that I really like about the system in place is that other users of WOT are able to contribute as well. So the reliability is based on everyone's input and not just some corporate husk trying to package a product that is only half decent if at all. Let's recap, there are two things you must have in your toolbox for keeping your computer and online reputation out of harm's way when online. Find out what web link you were sent in the first place with URL X Ray, and then scan the site before you access it by employing the WOT toolbar/plugin or the actual website to get the full report of the site's content.
Web of Trust is not the only service offering to scan a website and give you an assessment of its online standing. Alternative tools include Norton Safe Web.
I believe there is a better way to go about this using a userscript, it hasn’t been updated since late last year but the concept is there and can be built upon to extend to other url shorteners and to fix any bugs.
I believe the developer of said script resides in Japan, I hope he is well : |
Oops, I forgot to add name of the script, TinyURL decoder which can be found here.
It will automatically convert shortened urls to the reveal the actual url it will redirect to.
The site has lots of XXS vulns :-(
I’ve send the author a mail, lets hope he fixes them.