Anti-webhook
prevent malicious webhooks and common hack methods
Good Knight anti-webhook protection complements our anti-link technology. A common hacker tactic after compromising an account is to add a malicious webhook to the server. This gives them the ability to quickly and automatically send @everyone messages. In addition, they can modify the webhook's username and avatar to trick their victims and avoid revealing the account that was compromised.
Good Knight protects against webhook attacks by blocking any messages sent by unregistered webhooks and removing unwanted webhooks. Webhooks are treated based on their danger:
Open Webhook
- deleted immediately Open webhooks are created from the server Integrations tab (Spidey/Captain Hook). Since anyone withManage Webhooks
permissions can access their secret URL (token), these are the most dangerousChannel Follow
- deleted after 5 minutes Channel follows are created when you "Follow" an 📣 announcement channel and can be registered to permit themClosed Webhook
- deleted after 5 minutes Closed webhooks are created by other bots and can be registered to permit themSecure Webhook
- immediately registered Secure Webhooks are created through the Good Knight Webhook Manager, ensuring that their secret URL is password protected
While the Secure Webhooks are protected by Good Knight, they are only as secure as their URL (token). If the webhook URL is shared with a malicious entity, they can still be dangerous.
Last updated