Suspicidy aims to detect suspicious web requests. Currently, it only supports detection by request path, using a data-set of almost 800 paths collected from real web crawlers.
The package can be installed by adding suspicidy
to your list of dependencies in mix.exs
:
def deps do
[
{:suspicidy, "~> 0.1.0"}
]
end
If you want to use the built-in data-set, you can just use the Suspicidy
module.
iex(1)> Suspicidy.suspicious_path?("/")
false
iex(2)> Suspicidy.suspicious_path?("/phpmyadmin")
true
You can use your own data-set if you wish. In order to do so, you have to create a loader module for the request paths. Here is a simply example:
defmodule MyApp.CustomLoader do
def resource_files() do
# Normally this would return a list of
# file paths to the files containing the data-set.
# You would put them in your priv directory.
[]
end
def paths() do
# Here we return a list of paths.
# You would normally load them from
# e.g. your priv directory.
["/evil", "/data.zip"]
end
end
Then you can create a custom module and instruct Suspicidy to expose your data-set.
defmodule MyApp.CustomUsage do
use Suspicidy.Builder,
path: [loader: MyApp.CustomLoader]
end
Finally, use your custom module:
iex(1)> MyApp.CustomUsage.suspicious_path?("/")
false
iex(2)> MyApp.CustomUsage.suspicious_path?("/evil")
true