Comodo Site Inspector Launched for the forums

Hi Guys

Here is a real time tool that checks to see if a site is malicious or not.

Please go ahead and try this and post your feedback here. This is launched just for the Comodo Forums… But obviously it’s shown to every guest who comes here but you know it’s not officially launched, Melih wanted it launched for a Wider Audience for more testing to improve this, It’s an online service as you can see… So it won’t be put in CIS.

Please Remember… Some sites “attack” user’s browsers… it is those active attacks that Site Inspector checks. This is NOT a AV checking for hosted content. This is an “Attack Detection” tool.

Feedback is appreciated for Comodo.


hi,great job,i believe in you people.well, i’m always ready to help comodo when i is one outcome from my use of siteinspector . an issue that should be addressed is that the tool shows websites as “clean” when they are not accessible(offline).for example,i’ve tested it with the domain " " which is attributed to be malicious by a filter subscription of adblock plus in firefox. well, see the screenshots to view the report of comodo siteinspector.

ps: in one genuine case, siteinspector kept looping on the site with many iterations and remained in"work in progress" .hope this helps

[attachment deleted by admin]

If you type in the wrong url by mistake it comes back “clean”. Not very safe.

I also tried a known bad site (type svcom in google, top answer) and it came back clean. Google warns it is bad.

Was it a Attack Site or just a site that hosts malware? Comodo SiteInspector does not check for hosted content, It checks for Active Sites that attack browsers.


Josh is correct, For example… a “Warez site” is a good site, with bad content. a site like this;

*malicious URL*

is a Harmful site. that usually used exploits to do damage just by visiting the site.

Don’t visit that link I provided, use it for testing with Siteinspector only.

I don’t see a point of making it a software… it’s an “in the cloud service” Maybe comodo would make it something like a proxy sever? who knows… just a guess.

Josh since it’s early days maybe it’s good thing to mention that currently it’s still in testing…

BTW, Melih. Defense+ for sure takes care of preventing these sort of attacks, Are the benifits of this new service worth it?

pls give us your feedback about this service!

it detects “active attack” from a site. (pls do not confuse this with other services that scans the site content to see if the site has malware or not). Active attack means this site is actively trying to attack your computer in an attempt to inject malicious files into it.



it could take upto 30 sec or even more to test a site, as they could put a timebomb. Its diffiicult to integrate this online service so very easily into a realtime environment like CIS, but we have some ideas :wink:


It takes too long if a site contains a lot of urls.
Can it only analyzes the url submited excluding sud urls?
Or we can set the deep of hierarchy.

This is just a toy to play with… And you guys are just lucky to actually play with it, and in the future, whether it would be 3 months, 6 months or a year… you guys will be the benefices of this new toy “Site Inspector” As Melih said, It’s an online service… It will be difficult to integrate into CIS. However, As Melih said their are ideas floating around.

If we look at a Scenario with CIMA (Comodo Instant Malware Analysis) which is also an online service, Melih said THAT would be hard to integrate into CIS Back in September 2008, Now here we are at the end of January, And we are looking at a CIMA like hurisitics in maybe in March (If Comodo can push it) into CIS. So anything is possbile, nothing is possible… And yes as long as CIS is on a machine your completely protected from Sites that host malware, etc… SiteInspector looks for things that actually are active sites that ATTACK Browsers, There is huge difference between hosted malware on a site, and a site that attacks a users browsers.

Let’s look at an example: Site Advisor Scans for Malicious Content on a Site, So Site Advisor saids “Really who cares if the site actually attacks your browser? we can just analyze the KNOWN malicious content and bring up a big fat yellow, red or green sign! (YAY! GREEN MEANS GO…LOL)” So a user enters a green site. Suddenly without your permission a malware injects all kinds of malware into your PC. But Site Advisor didn’t detect this. :frowning:

On the other hand, Site Inspector scans for ACTIVE Sites that actually attack your browser, and attempt to inject malicious files onto your PC. Site Inspector saids “Okay, fine - Malicious files MAY be on a site, But some malicious sites may not be active or the malware may not either actually attack your PC, So we will scan for sites that ATTACK the users browser and PC” Now you are safe! :slight_smile: And with CIS installed to you are still safe!

Bottom Line: SiteAdvisor checks for known malicious content on a site. SiteInspector checks for sites that are active and “ATTACK” a users PC and attempt to inject malicious stuff onto it.

So give Comodo your feedback on this. :slight_smile:

(Reminds again, Test sites that attack you). :wink:


Let’s not forget the service may also be useful if you’re surfing at some machine that doesn’t have decent protection.

If the scan takes a lot of time,I think people will choose siteAdvisor.

I hope this will be like siteadvisor though, I like how it sits in the corner of your browser…site inspector BETTER be like this!

do not visit this site!!! >:(

malicious URL

I manually made sure the link is not click able, but when I put this site adress in site inspector, it takes very long for it completes:

400 iterations and still is counting… ??? what does this mean? site inspector site is buggy or url is not good?


:P0l Folks, no malicious URLs here in the public forums please, according to forum policy. (In the malware research restricted boards it would be a different story.)

This is the second one I edit out if you check back, so I though I should tell you not to do it again.

Yes sir! but do you care to explain how I can proof my point without showing the url ??? (:WIN)

also, technically you can not call it an url, it was not click able… ;D

yes, what are these iterations? i’ve gotten them too with a couple sites.

also, is COMODO currently (or in the future going to) compiling a list of the malicious sites submitted?


Josh, I was testing the early version of Siteinspector and was reporting bugs 88) I know what it does.

Whats the benifit of having this feature though? Defense+ protects from this anyway…