Hi
I am trying to automate a manual task of checking whether our vendor product, used as a Web proxy, is blocking malicious URLs correctly at various points in time.
My main question is this: since most malware is designed to infect browsers or browser plugins like Java or Flash, will it be safe to access the malicious website output in a URL and check the status code of the request? In other words, is running Invoke-WebRequest on a Windows box to check if a malicious URL is accessible as bad as, and equivalent to, browsing to it in IE, with all the chances of infection associated with it?
Or, since the output is walled off in the variable in memory and can't interact with browsers or plugins in this format, does that mean it is sandboxed even if it does contain drive-by malware?
Sample code is below:
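    try { $status = [int](Invoke-WebRequest -Uri $dodgyurl).StatusCode }
    catch { $status = [int]$_.Exception.Response.StatusCode }  # non-2xx responses (e.g. 403) throw
    if ($status -eq 200) { Write-Host "Dodgy URL is accessible, need to do something!" }
    if ($status -eq 403) { Write-Host "Dodgy URL is blocked. Yay!" }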
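
A status-only variant of the check in the question, added here as an example and not the poster's code: it sends a HEAD request with -UseBasicParsing, so no response body is fetched and, on Windows PowerShell, nothing is handed to the Internet Explorer engine for DOM parsing. The proxy address, the URLs and the function names are assumed placeholders.

```powershell
# Added example. The proxy address and URLs are constructed placeholders.
$Proxy = 'http://proxy.example.test:8080'
$Urls  = @('http://blocked-sample.example.test/', 'http://other-sample.example.test/')

function Get-ProxyVerdict {
    param([int]$StatusCode)
    if ($StatusCode -eq 403) { return 'Blocked' }
    if ($StatusCode -ge 200 -and $StatusCode -lt 400) { return 'Reachable' }
    if ($StatusCode -eq 0) { return 'NoResponse' }   # DNS failure, timeout, reset
    return 'Other'                                   # e.g. 405 if HEAD is refused
}

function Get-StatusOnly {
    param([string]$Url, [string]$Proxy)
    try {
        # HEAD asks for headers only; -UseBasicParsing skips the IE-based
        # DOM parser that Windows PowerShell would otherwise invoke.
        $r = Invoke-WebRequest -Uri $Url -Method Head -UseBasicParsing `
                               -Proxy $Proxy -TimeoutSec 15
        return [int]$r.StatusCode
    } catch {
        # Non-2xx responses throw; the status code is on the exception's Response.
        $resp = $_.Exception.Response
        if ($resp) { return [int]$resp.StatusCode }
        return 0                                     # no HTTP response at all
    }
}

# One result object per URL, suitable for Export-Csv or alerting.
foreach ($u in $Urls) {
    $code = Get-StatusOnly -Url $u -Proxy $Proxy
    [pscustomobject]@{ Url = $u; Status = $code; Verdict = Get-ProxyVerdict $code }
}
```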