Patent attributes
A computer-implemented method for identifying URLs that link to potentially malicious resources may include (1) compiling a set of URLs that link to at least one potentially malicious resource, (2) identifying a common pattern of characters included in the set of URLs that link to the potentially malicious resource, (3) deriving a regular expression capable of being used to identify additional URLs that link to one or more potentially malicious resources based at least in part on the common pattern of characters, and then (4) identifying at least one additional URL that links to at least one potentially malicious resource by (i) applying the regular expression to the additional URL and then (ii) determining that the additional URL links to the potentially malicious resource based at least in part on applying the regular expression to the additional URL. Various other methods, systems, and computer-readable media are also disclosed.