Introducing Zerorose - The Anti Exploitkit.
5:26 PMSince a couple months back, I & a friend have been working on an interesting project called Zerorose. basically its a web vulnerability scanner, but not in a sense you are probably thinking of. we scan your system vulnerabilities from our site.
...What?
Zerorose is a project that tries to use a couple of machine learning algorithms to
analyze known vulnerabilities in the visitors system. It does this by
identifying plugins, browser, OS, common misconfigurations and similar key
identifiers, and checking if any of them are known to be vulnerable for any
issues, if they are or infected with malwares, if they still have support, if
their compatibility/installation can cause other issues or best practice
bypasses. we try to make Exploitkits, adwares and other malicious
infections like ransomwares doesn’t happen.
Do you have a cool video so that I can show my friends?
Duh.
In short: we identify exploitable vulnerabilities (hopfully) before the bad guys do. so you can roam the internet free without automatic client side exploits triggering out of infected, shady sites, malvertising campaigns and that porn site you sometimes visit.
False Positives
Although we try to deliver reliable and actionable
information, it is possible for the system to assume and identify non-existent
issues because of a number of factors. This could be because you using a
modified user agent, using modified plugins or the names of plugins, addons or
scripts you using matching a known malware. if that is the case, you can click on "Report" at the right side of the report and it will try to evaluate (of course, with manual check) & learn from its mistakes.
How are you different from exploit kits?
You may have heard of Blackhole, Crime, Angler or
other exploit kits. What they are doing is not much different from us, except
maybe: we are helping you patch instead exploit them & we are cooler in many ways. ;))
Can I trust zerorose?
Of course. *promises*
Are you the only one doing this?
As far as we are aware, yes. Us and exploit kits.
Why not open source?
We figured it’s quite easier to visit our website than
download/run it in your host everytime you want to scan something, and that
data will soon be outdated. That and we don’t want to share our codez.
Why is it free?
Honestly, we have no idea. I know its a bit suspicious why we went this far to build this but it was mostly done just because we care. =))
Do you accept donations?
Yes, we welcome any kind of help being we are a small team
doing this in a part time. please click here to do that.
4 comments
we use it thank you because of your great idea and advice
ReplyDeleteZerorose , wow
ReplyDeletered hat linux training in chennai | rhce courses in chennai | red hat training in chennai |red hat courses in chennai
Nice one.
ReplyDeleteSoftware Testing Training in Chennai | Manual Testing Training in Chennai | LoadRunner Training in Chennai | QTP Training in Chennai | SOAPUI Training in Chennai | Selenium Training in Chennai | JMeter Training in Chennai
Real Estate Companies in Chennai
ReplyDeleteNote: Only a member of this blog may post a comment.