prevent malicious webhooks and common hack methods
Good Knight anti-webhook protection complements our anti-link technology. A common hacker tactic after compromising an account is to add a malicious webhook to the server. This gives them the ability to quickly and automatically send @everyone messages. In addition, they can modify the webhook's username and avatar to trick their victims and avoid revealing the account that was compromised.
Good Knight protects against webhook attacks by blocking any messages sent by unregistered webhooks and removing unwanted webhooks. Webhooks are treated based on their danger:
Open Webhook- deleted immediately Open webhooks are created from the server Integrations tab (Spidey/Captain Hook). Since anyone with
Manage Webhookspermissions can access their secret URL (token), these are the most dangerous
Channel Follow- deleted after 5 minutes Channel follows are created when you "Follow" anannouncement channel and can be registered to permit them📣
Closed Webhook- deleted after 5 minutes Closed webhooks are created by other bots and can be registered to permit them
While the Secure Webhooks are protected by Good Knight, they are only as secure as their URL (token). If the webhook URL is shared with a malicious entity, they can still be dangerous.