
Show HN: "Network diff” detects new scripts or data exfiltration on websites - bluepeter
https://fluxguard.com/javascript-constable
======
bluepeter
Let me know if all y'all have any questions! Fluxguard provides web change
monitoring and alerts. We take screenshots, fully render the DOM... and we
alert you to any DOM, pixel, or text changes.

Our new "network diff" feature goes one step further.

It creates a HAR file for all network activity on any page (including for
complex form submission pages such as shopping carts). We repeatedly crawl
this page (or sequences of pages). And we look for changes to network
activity.

This way, you can catch and alert any new XHR, image, script, or other
resource activity on any page of your site.

You can use whitelists to exclude certain domains from analysis (e.g.,
google.com). Lot of other config options let you further reduce false
positives.

Why'd you want to do this?

Magecart and other hacking groups use cross-site scripting, poisoned NPM
modules, DNS spoofing, and so many other attacks to exfiltrate data from
Magento and other CMS.

It's hard to stop these guys as they are adept at covering their tracks. Edge
protection systems aren't great if the attacker is coming "from inside the
house."

Our new network diff crawls your live site repeatedly. We orchestrate common
user journeys -- creating an account, ordering a product -- and we look for
any network activity that shouldn't be there.

Cool, eh?

(Sorry for the wall of text.)

