Today at the RSA Conference, Akamai Principal Security Architect Brian Sniffen is giving a talk titled "Scanning the Ten Petabyte Cloud: Finding the malware that isn't there." In Brian's talk, he discusses the challenges of hunting for malware hooks in stored HTML pages of unspecified provenance, and some tips and tricks for looking for this malicious content.
In conjunction with his talk, Akamai is releasing the core source code for our vscan software. The source code is BSD3-licensed.
We are hopeful that our experiences can be helpful to others looking for malware in their HTML.