Description : This script generates alert if any Unauthorised Website has accessed on end point.
Note : In function def url(),you need to give the website names which you need to check whether the end point user has opened it or not.
The script should run every 5min,so it can easily trigger the alert if that website is opened.
Tested OS : This script has tested on Windows(7),Windows(8,8.1), Windows(10) Machines
# The script is a template to check UAC status on device.
import os
import sys
import _winreg
def alert(arg):
sys.stderr.write("%d%d%d" % (arg, arg, arg))
# Please use "alert(1)" to turn on the monitor(trigger an alert)
# Please use "alert(0)" to turn off the monitor(disable an alert)
# Please do not change above block and write your script below
import os
import re
import socket
import getpass
def url():
name=os.environ['username']
print 'PC-NAME : '+name
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
print "IP-ADDRESS : " + (s.getsockname()[0])
websites=("www.quora.com","www.youtube.com","www.ebay.com","www.facebook.com")#Add your websites here
print "You are checking "+str(len(websites))+" Websites"
c=0
for i in websites:
url='ipconfig /displaydns |find "'+i+'"'
output=os.popen(url).read()
for i in range(0,len(websites)):
if websites[i] in output:
print websites[i]+" Has opened by " +name+ " user"
c=c+1
if c>=1:
alert(1)
else:
alert(0)
url()
Sample output :
