Wikiscanner

OK, I’m sure that, as usual, I’m a day late to this party…but, I’m having lots of fun with Wikiscanner . It’s pretty fun to browse around companies that you’ve worked for and seeing what edits they have been doing on Wiki. One of the cool things is to look at a company and see when and where they have been editing their Companies wiki (it’s also funny to see when and where they have been editing their competitions wiki). Companies want to ensure that the Wiki article reflects well on their company. After all, a google query for company X will almost always have the Wiki article as one of the top hits. I’m pretty sure that this can be used to an attacker’s favour. For instance, if you know that the PR folks are monitoring and editing a certain page on the Internet at regular intervals, then you can inject malicious links, code (?), etc. and use it to target the internal user. What if the wiki page for a large software vendor contained a link to where they could download a demo of the software for free? Would the PR person know better than to download the software and see what it was?
!Dmitry

Share