公开(公告)号：US20240340315A1

公开(公告)日：2024-10-10

申请号：US18746008

申请日：2024-06-17

申请人： Shape Security, Inc.

发明人： Wesley HALES ,  Jarrod OVERSON

IPC分类号： H04L9/40 ,  G06F16/958

CPC分类号： H04L63/1483 ,  G06F16/986 ,  H04L63/1416

摘要： Techniques are provided for detecting compromised web pages in a runtime environment. A first version of a web page is retrieved and loaded in a browser comprising a browser extension configured to detect event listeners added when web pages are loaded by the browser. First data is generated describing a first set of event listeners detected by the browser extension when the first version of the web page is loaded. At a second time a second version of the web page is retrieved and loaded in the browser. Second data is generated describing a second set of event listeners detected by the browser extension when the second version of the web page is loaded. It is determined that the web page is compromised based on comparing the first data and the second data. In response to determining that the web page is compromised, a threat response action is performed.