Obscure or Special-Purpose Browsers?

[davej]

I happened across this old article... http://www.infoworld.com/d/applications/top-10-specialty-web-browsers-you-may-have-missed-026?page=0,0 So are there any "special purpose" web browsers that are worth a look?

[justsomeguy]

That article is only 2 years old, it has a list of links at the bottom.

[davej]

That article is only 2 years old, it has a list of links at the bottom.

Yes, but I guess my question is really: "Does anyone here use an obscure special-purpose browser for anything?" Actually I've been wondering about what might be used to observe attack websites. I constantly receive e-mails that are obviously hoping that I will visit their poisoned "attack sites" through the links provided, and I think it would be neat to have some program that could pretend to be a popular browser (but actually be absolutely impervious) so that these sites could be safely exercised and their tactics observed. Edited June 14, 2012 by davej

[justsomeguy]

Security researches doing that type of analysis will typically actually use a popular browser like IE8 with the various plugins (Acrobat, Java, Flash, etc) installed so that they can see how it is actually attacked. The difference is that they run it in a virtual machine, so the attacker can compromise that virtual machine however they want and the researcher can simply save an image of the entire machine, OS and everything, to analyze later and just reset it to get it back to a clean state. If you want to investigate that type of thing yourself, just to look at their code, then you would need to harden your browser to disable all plugins and use extensions or settings to disable things like Javascript. You can also use a text-only browser like Lynx, I don't think anyone has managed to use Lynx as an attack vector. You could also use something as basic as telnet or wget to just get their source code and analyze it at your leisure.