Skip to content

clsv/php-malware-scanner

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

32 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

PHP malware scanner

Traversing directories for files with php extensions and testing files against text or regexp rules, the rules based on self gathered samples and publicly vailable malwares/webshells. The goal is to find infected files and fight against kiddies, because to easy to bypass rules.

How to use?

$ php ./scan.php -h
Usage scan.php -d <directory> [-e=.php] [--hide-ok] [--hide-whitelist]
    -d                Directory for searching
    -e=.php           Extension
    --hide-ok         Hide OK aka not infected messages
    --hide-whitelist  Hide whitelisted messages
    --extra-check     Adds GoogleBot and htaccess to Scan List.

Whitelisting

See whitelist.txt file for a predefined MD5 hash list. Only the first 32 characters are used, rest of the line ignored so feel free to leave a comment.

Resources

Licensing

PHP malware scanner is licensed under the GNU General Public License v3.

About

Scans PHP files for malwares and known threats

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • PHP 91.5%
  • Shell 8.5%